[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-users] [Chicken-announce] [SECURITY] Potential denial of se
From: |
Peter Bex |
Subject: |
Re: [Chicken-users] [Chicken-announce] [SECURITY] Potential denial of service due to segfault in "length" on improper lists |
Date: |
Thu, 1 Jun 2017 09:19:36 +0200 |
User-agent: |
Mutt/1.5.23 (2014-03-12) |
On Wed, May 31, 2017 at 08:48:20AM +0200, Peter Bex wrote:
> Hi all,
>
> We just fixed a potential security issue in the standard Scheme length
> procedure. When length is called on an improper list, the underlying
> C function C_i_list incorrectly checks the head of the _input_ list
> for being a pair rather than the head of the part currently being
> traversed.
This issue has been assigned CVE-2017-9334.
Note that this issue affects all releases, up to and including 4.12.
Regards,
The CHICKEN Team
signature.asc
Description: Digital signature
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [Chicken-users] [Chicken-announce] [SECURITY] Potential denial of service due to segfault in "length" on improper lists,
Peter Bex <=