[oss-security] CVE request: heap-based buffer overflow in ldns

Could a CVE be assigned to this flaw? A boundary error in
ldns_rr_new_frm_str_internal() could lead to a heap-based buffer overfow
when processing RR records.

http://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=403
https://secunia.com/advisories/46153/
https://bugzilla.redhat.com/show_bug.cgi?id=741024

Thanks.

-- Vincent Danen / Red Hat Security Response Team

• This message: [ Message body ]
• Next message: Pierre Joye: "[oss-security] Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8"
• Previous message: Vincent Danen: "[oss-security] CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8"
• Next in thread: Josh Bressers: "Re: [oss-security] CVE request: heap-based buffer overflow in ldns"
• Reply: Josh Bressers: "Re: [oss-security] CVE request: heap-based buffer overflow in ldns"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]