Common Vulnerabilities and Exposures assigned an identifier CVE-2014-3776 to the following vulnerability:

Name: CVE-2014-3776
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3776
Assigned: 20140519
Reference: http://lists.gnu.org/archive/html/chicken-hackers/2014-05/msg00032.html
Reference: http://lists.gnu.org/archive/html/chicken-announce/2014-05/msg00001.html
Reference: http://seclists.org/oss-sec/2014/q2/328
Reference: http://seclists.org/oss-sec/2014/q2/334
Reference: http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=1d06ce7e21c7e903ca5dca11fda6fcf2cc52de5e
Reference: https://bugs.call-cc.org/ticket/1124
Reference: http://www.securityfocus.com/bid/67468

Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a "#f" value in the NUM argument.

Created chicken tracking bugs for this issue:

Affects: fedora-all [bug 1099614]
Affects: epel-6 [bug 1099615]

chicken-4.8.0.6-2.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
chicken-4.8.0.6-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
chicken-4.8.0.6-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.