On Wed, Mar 15, 2017 at 08:44:59PM +0100, Peter Bex wrote:
> Hi all,
>
> Our user "Lemonboy" has found a vulnerability in CHICKEN's SRFI-4
> constructors, when using a nonstandard extension; the "NONGC" argument
> to make-[su]{8,16,32}vector. This argument will allocate a uniform
> bytevector in unmanaged memory (not subject to garbage collection),
> by using malloc().This issue has been assigned CVE-2017-6949. Regards, The CHICKEN Team
signature.asc
Description: Digital signature
_______________________________________________ Chicken-users mailing list Chicken-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/chicken-users
