FS#46474 : [libunwind] CVE-2015-3239, off-by-one in libunwind <= 1.1

FS#46474 - [libunwind] CVE-2015-3239, off-by-one in libunwind <= 1.1

Attached to Project: Arch Linux
Opened by Remi Gacogne (rgacogne) - Tuesday, 29 September 2015, 14:08 GMT
Last edited by Sébastien Luttringer (seblu) - Wednesday, 30 September 2015, 19:59 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Sébastien Luttringer (seblu)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Hello,

Using the ArchCVE[1] tool, I noticed that a vulnerability[2] in libunwind seem to have slipped through the cracks. It is not critical, but as a new version has still not been released, we might want to backport the small fix applied upstream[3] to fix this issue.

[1]: https://github.com/jelly/ArchCVE
[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1232265
[3]: http://git.savannah.gnu.org/cgit/libunwind.git/commit/?id=396b6c7ab737e2bff244d640601c436a26260ca1

This task depends upon

Closed by Sébastien Luttringer (seblu)
Wednesday, 30 September 2015, 19:59 GMT
Reason for closing: Fixed
Additional comments about closing: libunwind-1.1-3-

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#46474 - [libunwind] CVE-2015-3239, off-by-one in libunwind <= 1.1

Details

Loading...