lib/glibc
lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-05-31 15:01:17 +03:00
Code

Record CVE-2019-9169 in NEWS and ChangeLog [BZ #24114]

Browse Source
This commit is contained in:
Aurelien Jarno 2019-03-16 22:59:56 +01:00
parent 066ae81ec9
commit b626c5aa5d
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -1576,6 +1576,7 @@
2019-01-31 Paul Eggert <eggert@cs.ucla.edu> 2019-01-31 Paul Eggert <eggert@cs.ucla.edu>
CVE-2019-9169
regex: fix read overrun [BZ #24114] regex: fix read overrun [BZ #24114]
Problem found by AddressSanitizer, reported by Hongxu Chen in: Problem found by AddressSanitizer, reported by Hongxu Chen in:
https://debbugs.gnu.org/34140 https://debbugs.gnu.org/34140

4
NEWS
View File

@ -46,6 +46,10 @@ Security related changes:
memcmp gave the wrong result since it treated the size argument as memcmp gave the wrong result since it treated the size argument as
zero. Reported by H.J. Lu. zero. Reported by H.J. Lu.
CVE-2019-9169: Attempted case-insensitive regular-expression match
via proceed_next_node in posix/regexec.c leads to heap-based buffer
over-read. Reported by Hongxu Chen.
The following bugs are resolved with this release: The following bugs are resolved with this release:
[The release manager will add the list generated by [The release manager will add the list generated by