Thanks for the reminder Salvatore -- I'll get this sorted out.

On Sat, Apr 22, 2017 at 10:43 AM, Salvatore Bonaccorso <car...@debian.org> wrote:
> Source: capnproto
> Version: 0.5.3-2
> Severity: minor
> Tags: upstream security fixed-upstream
>
> Hi,
>
> the following vulnerability was published for capnproto.
>
> CVE-2017-7892[0]:
> | Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a
> | compiler optimization. A remote attacker can trigger a segfault in a
> | 32-bit libcapnp application because Cap'n Proto relies on pointer
> | arithmetic calculations that overflow. An example compiler with
> | optimization that elides a bounds check in such calculations is Apple
> | LLVM version 8.1.0 (clang-802.0.41). The attack vector is a crafted far
> | pointer within a message.
>
> So far only Apple's compiler has been shown to apply the problematic
> optimization. The issue though is fixed in 0.5.3.1 and this bugreport
> is to help track the fix so that we can properly update the fixing
> version once the fix lands in the archive.
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2017-7892
>     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7892
>
> Regards,
> Salvatore
>

--
*Tom Lee* / http://tomlee.co / @tglee <http://twitter.com/tglee>
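The bug class named in the quoted CVE text (a bounds check built on pointer arithmetic that can overflow, which an optimizer may then elide) is shown below next to an integer-based check that cannot be elided. This is an added illustration, not code from Cap'n Proto or from this thread; `struct segment`, `word_t` and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdbool.h>

typedef uint64_t word_t;  /* 8-byte unit, assumed here for illustration */

/* Hypothetical segment descriptor: `size` words starting at `base`. */
struct segment { const word_t *base; size_t size; };

/* Fragile form: the bounds check is done with pointer arithmetic. When
 * `count` comes from untrusted input, `start + count` can pass the end of
 * the object, which is undefined behaviour; on a 32-bit target the address
 * can wrap, and an optimizer may assume it never does and delete the
 * `end >= start` test. */
bool contains_fragile(const struct segment *s, const word_t *start, size_t count)
{
    const word_t *end = start + count;            /* may overflow: UB */
    return start >= s->base && end >= start && end <= s->base + s->size;
}

/* Hardened form: validate offset and length as integers first, so no
 * out-of-range pointer is ever formed and no check can be optimized away. */
bool contains_checked(const struct segment *s, size_t offset, size_t count)
{
    if (offset > s->size)
        return false;                              /* start is outside */
    return count <= s->size - offset;              /* cannot underflow */
}

/* Resolve an (offset, count) reference taken from untrusted input; returns
 * NULL instead of a pointer when the range does not fit in the segment. */
const word_t *resolve(const struct segment *s, size_t offset, size_t count)
{
    return contains_checked(s, offset, count) ? s->base + offset : NULL;
}
```
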