Summary: | <sys-libs/glibc-2.20-r2: heap buffer overflow in glibc swscanf (CVE-2015-1472) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | glsamaker, toolchain |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06 | ||
See Also: |
https://sourceware.org/bugzilla/show_bug.cgi?id=16618 https://bugzilla.redhat.com/show_bug.cgi?id=1188235 |
||
Whiteboard: | A2 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 516884, 544034 | ||
Bug Blocks: |
Description
Kristian Fiskerstrand (RETIRED)
![]() From upstream bug: Fixed in 2.21. 2.21 is not available for stabilization yet as far as I see. Setting it back to ebuild until it is ready. fix is also in glibc-2.20-r2 now (In reply to SpanKY from comment #3) > fix is also in glibc-2.20-r2 now Thanks *** Bug 552694 has been marked as a duplicate of this bug. *** This issue was resolved and addressed in GLSA 201602-02 at https://security.gentoo.org/glsa/201602-02 by GLSA coordinator Tobias Heinlein (keytoaster). |