FS#41166 - [glibc] CVE-2014-0475: glibc directory traversal in LC_* locale handling
Attached to Project:
Arch Linux
Opened by Daniel Micay (thestinger) - Friday, 11 July 2014, 14:29 GMT
Last edited by Allan McRae (Allan) - Wednesday, 10 September 2014, 00:31 GMT
Opened by Daniel Micay (thestinger) - Friday, 11 July 2014, 14:29 GMT
Last edited by Allan McRae (Allan) - Wednesday, 10 September 2014, 00:31 GMT
|
Details
http://www.openwall.com/lists/oss-security/2014/07/10/7
It would probably best to backport the 3 commits listed there, even though the switch away from alloca isn't technically required. |
This task depends upon
Closed by Allan McRae (Allan)
Wednesday, 10 September 2014, 00:31 GMT
Reason for closing: Fixed
Additional comments about closing: glibc-2.20 in [testing]
Wednesday, 10 September 2014, 00:31 GMT
Reason for closing: Fixed
Additional comments about closing: glibc-2.20 in [testing]
https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/allan/2.19/backport