On Fri, Feb 22, 2019 at 10:57:20PM +0100, Moritz Mühlenhoff wrote:
> On Wed, Dec 19, 2018 at 10:07:59PM -0800, Ben Pfaff wrote:
> > On Thu, Dec 20, 2018 at 06:22:14AM +0100, Salvatore Bonaccorso wrote:
> > > Source: pspp
> > > Version: 1.2.0-2
> > > Severity: important
> > > Tags: security upstream
> > >
> > > Hi,
> > >
> > > The following vulnerability was published for pspp.
> > >
> > > CVE-2018-20230[0]:
> > > | An issue was discovered in PSPP 1.2.0. There is a heap-based buffer
> > > | overflow at the function read_bytes_internal in
> > > | utilities/pspp-dump-sav.c, which allows attackers to cause a denial of
> > > | service (application crash) or possibly have unspecified other impact.
> >
> > This is another instance of a recurring problem with PSPP, in which some
> > anonymous person reports a vulnerability to MITRE, but not to the
> > upstream authors or the pspp-security list, and so the authors only hear
> > about it when Red Hat and Debian file bugs based on it. It makes me
> > really mad.
>
> Regardless of the questionable reporting done here, do you know if this
> bug has been addressed/reported upstream?

Yes, I fixed it upstream with commit abd1f816ca3b ("pspp-dump-sav: Issue error message for too-large extension records.") on January 1.