Control: tags -1 + patch pending
I believe the following patch, also passed upstream, will solve the
issue:
Description: Handle file descriptors with nonexisting env names better.
Avoid writing past allocated memory.
This fixes CVE-2021-33464.
Author: Petter Reinholdtsen
Bug: https://github.co
Source: yasm
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for yasm.
CVE-2021-33464[0]:
| An issue was discovered in yasm version 1.3.0. There is a heap-buffer-
| overflow in inc_fopen() in modules/preprocs/nasm/nasm-pp.c.
2 matches
Mail list logo
