FS#46474 - [libunwind] CVE-2015-3239, off-by-one in libunwind <= 1.1
Attached to Project:
Arch Linux
Opened by Remi Gacogne (rgacogne) - Tuesday, 29 September 2015, 14:08 GMT
Last edited by Sébastien Luttringer (seblu) - Wednesday, 30 September 2015, 19:59 GMT
Opened by Remi Gacogne (rgacogne) - Tuesday, 29 September 2015, 14:08 GMT
Last edited by Sébastien Luttringer (seblu) - Wednesday, 30 September 2015, 19:59 GMT
|
Details
Hello,
Using the ArchCVE[1] tool, I noticed that a vulnerability[2] in libunwind seem to have slipped through the cracks. It is not critical, but as a new version has still not been released, we might want to backport the small fix applied upstream[3] to fix this issue. [1]: https://github.com/jelly/ArchCVE [2]: https://bugzilla.redhat.com/show_bug.cgi?id=1232265 [3]: http://git.savannah.gnu.org/cgit/libunwind.git/commit/?id=396b6c7ab737e2bff244d640601c436a26260ca1 |
This task depends upon
Closed by Sébastien Luttringer (seblu)
Wednesday, 30 September 2015, 19:59 GMT
Reason for closing: Fixed
Additional comments about closing: libunwind-1.1-3-
Wednesday, 30 September 2015, 19:59 GMT
Reason for closing: Fixed
Additional comments about closing: libunwind-1.1-3-