[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-announce] [SECURITY] Potential denial of service due to seg

From: Peter Bex
Subject: Re: [Chicken-announce] [SECURITY] Potential denial of service due to segfault in "length" on improper lists
Date: Thu, 1 Jun 2017 09:19:36 +0200
User-agent: Mutt/1.5.23 (2014-03-12)

On Wed, May 31, 2017 at 08:48:20AM +0200, Peter Bex wrote:
> Hi all,
> We just fixed a potential security issue in the standard Scheme length
> procedure.  When length is called on an improper list, the underlying
> C function C_i_list incorrectly checks the head of the _input_ list
> for being a pair rather than the head of the part currently being
> traversed.

This issue has been assigned CVE-2017-9334.

Note that this issue affects all releases, up to and including 4.12.


Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]