[Buildroot] [PATCH v2] glibc: security bump to latest 2.27 branch
Peter Korsgaard
peter at korsgaard.com
Tue May 29 15:00:07 UTC 2018
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> Fixed issues are listed in the 2.27 branch NEWS file:
> CVE-2017-18269: An SSE2-based memmove implementation for the i386
> architecture could corrupt memory. Reported by Max Horn.
> CVE-2018-11236: Very long pathname arguments to realpath function could
> result in an integer overflow and buffer overflow. Reported by Alexey
> Izbyshev.
> CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi
> architecture could write beyond the target buffer, resulting in a buffer
> overflow. Reported by Andreas Schwab.
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
> ---
> v2: Format the version string as described in the comment (Peter)
Committed, thanks.
Will you also send a patch for 2018.02.x?
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list