[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-announce] [SECURITY] Buffer-overrun in some uses of read-u8

From: Peter Bex
Subject: Re: [Chicken-announce] [SECURITY] Buffer-overrun in some uses of read-u8vector
Date: Mon, 19 May 2014 09:18:45 +0200
User-agent: Mutt/

On Sun, May 18, 2014 at 01:27:36PM +0200, Peter Bex wrote:
> Hello CHICKEN users,
> A problem was found with the read-u8vector! procedure from the srfi-4
> unit, which is almost identical to CVE-2013-4385 (which related to
> the read-string! procedure, see 
> for details).

This issue has been assigned CVE-2014-3776.

Many thanks to Seth Alves for reporting the bug that lead to the
discovery of the underlying problem.

Kind regards,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]