Information on source package radare2

Available versions

ReleaseVersion
wheezy0.9-3
wheezy (security)0.9-3+deb7u2
jessie0.9.6-3.1+deb8u1
stretch1.1.0+dfsg-5
buster1.1.0+dfsg-5
sid1.1.0+dfsg-5

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-9763vulnerable (no DSA)vulnerablevulnerablevulnerablevulnerableThe grub_ext2_read_block function in fs/ext2.c in GNU GRUB before ...
CVE-2017-9762vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows ...
CVE-2017-9761vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote ...
CVE-2017-9520vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe r_config_set function in libr/config/config.c in radare2 1.5.0 ...
CVE-2017-7946vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 ...
CVE-2017-6448fixedvulnerable (no DSA)fixedfixedfixedThe dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 ...
CVE-2017-6197fixedvulnerable (no DSA)fixedfixedfixedThe r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 ...
CVE-2015-2305vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedInteger overflow in the regcomp implementation in the Henry Spencer ...

Resolved issues

BugDescription
CVE-2017-7854The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote ...
CVE-2017-7716The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 ...
CVE-2017-7274The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 ...
CVE-2017-6415The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 ...
CVE-2017-6387The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 ...
CVE-2017-6319The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 ...
CVE-2017-6194The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows ...

Security announcements

DSA / DLADescription
DLA-901-1radare2 - security update
DLA-837-1radare2 - security update

Search for package or bug name: Reporting problems