[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Chicken-users] [SECURITY] Fix buffer overrun in substring-index[-ci]

From: Moritz Heidkamp
Subject: [Chicken-users] [SECURITY] Fix buffer overrun in substring-index[-ci]
Date: Mon, 12 Jan 2015 16:12:00 +0100

Dear CHICKEN users,

the substring-index[-ci] procedures of the data-structures unit are
vulnerable to a buffer overrun attack when passed an integer greater
than zero as the optional START argument. This issue was fixed in master
(25db851) and chicken-5 (63d0445) via the patch discussed at

Affected versions: all
Fix versions:, 4.9.1, 5.0

Kind regards,
The CHICKEN team

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]