On Wed, Mar 15, 2017 at 08:44:59PM +0100, Peter Bex wrote: > Hi all, > > Our user "Lemonboy" has found a vulnerability in CHICKEN's SRFI-4 > constructors, when using a nonstandard extension; the "NONGC" argument > to make-[su]{8,16,32}vector. This argument will allocate a uniform > bytevector in unmanaged memory (not subject to garbage collection), > by using malloc().
This issue has been assigned CVE-2017-6949. Regards, The CHICKEN Team
signature.asc
Description: Digital signature
_______________________________________________ Chicken-users mailing list Chicken-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/chicken-users