Hi,
CVE was not assigned. I will ping the reported to get it assigned.
In the temporary patch is not clear is fixing a specific security issue,
the path of the security issue is not really readable from the code
either so I think it's not a problem if that fix is public. This will let
people the time to update the packages.
Frediano
Il giorno gio 11 lug 2019 alle ore 06:41 Alex Murray <
<email address hidden>> ha scritto:
> Has a CVE been assigned for this issue? If not, could you please apply
> for one via MITRE https://cveform.mitre.org/ so that all distributions
> can be aware of and ensure they fix this issue? Given the fix is public,
> is there a reason to keep this bug private?
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1835896
>
> Title:
> Heap overflow if UDT type is used with protocol 5.0
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/freetds/+bug/1835896/+subscriptions
>
Hi,
CVE was not assigned. I will ping the reported to get it assigned.
In the temporary patch is not clear is fixing a specific security issue,
the path of the security issue is not really readable from the code
either so I think it's not a problem if that fix is public. This will let
people the time to update the packages.
Frediano
Il giorno gio 11 lug 2019 alle ore 06:41 Alex Murray <
<email address hidden>> ha scritto:
> Has a CVE been assigned for this issue? If not, could you please apply /cveform. mitre.org/ so that all distributions /bugs.launchpad .net/bugs/ 1835896 /bugs.launchpad .net/ubuntu/ +source/ freetds/ +bug/1835896/ +subscriptions
> for one via MITRE https:/
> can be aware of and ensure they fix this issue? Given the fix is public,
> is there a reason to keep this bug private?
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https:/
>
> Title:
> Heap overflow if UDT type is used with protocol 5.0
>
> To manage notifications about this bug go to:
>
> https:/
>