chicken-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-users] [Chicken-announce] [SECURITY] Potential denial of se


From: Peter Bex
Subject: Re: [Chicken-users] [Chicken-announce] [SECURITY] Potential denial of service due to segfault in "length" on improper lists
Date: Thu, 1 Jun 2017 09:19:36 +0200
User-agent: Mutt/1.5.23 (2014-03-12)

On Wed, May 31, 2017 at 08:48:20AM +0200, Peter Bex wrote:
> Hi all,
> 
> We just fixed a potential security issue in the standard Scheme length
> procedure.  When length is called on an improper list, the underlying
> C function C_i_list incorrectly checks the head of the _input_ list
> for being a pair rather than the head of the part currently being
> traversed.

This issue has been assigned CVE-2017-9334.

Note that this issue affects all releases, up to and including 4.12.

Regards,
The CHICKEN Team

Attachment: signature.asc
Description: Digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]