HI Dongdong, > We are doing some fuzzing tests on Binutils-2.30
Just as an aside the latest binutils release is 2.31.1 ... > and find a heap overflow bug in nm-new 32 bit version. Was there a binutils bug report filed for this problem ? I may have missed it. > We also filed a interger-overflow bug in binutils-2.30 recently at > https://sourceware.org/bugzilla/show_bug.cgi?id=23932. Thank you for filing this bug report. I am currently testing a fix for it. > Can we get the corresponding CVE number for the two bugs reported? Sorry - we do not allocate these numbers. Normally they are automatically allocated by the Mitre corporation, which regularly scans the binutils bugzilla system for new bug reports. You can find out more information here: http://cve.mitre.org/cve/request_id.html I should also note that it usually takes a couple of weeks between filing a bug report in the binutils bugzilla system and a CVE number being allocated. Cheers Nick _______________________________________________ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
