[Buildroot] [PATCH v2] glibc: security bump to latest 2.27 branch

Peter Korsgaard peter at korsgaard.com
Tue May 29 15:00:07 UTC 2018


>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:

 > Fixed issues are listed in the 2.27 branch NEWS file:
 >   CVE-2017-18269: An SSE2-based memmove implementation for the i386
 >   architecture could corrupt memory.  Reported by Max Horn.

 >   CVE-2018-11236: Very long pathname arguments to realpath function could
 >   result in an integer overflow and buffer overflow.  Reported by Alexey
 >   Izbyshev.

 >   CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi
 >   architecture could write beyond the target buffer, resulting in a buffer
 >   overflow.  Reported by Andreas Schwab.

 > Signed-off-by: Baruch Siach <baruch at tkos.co.il>
 > ---
 > v2: Format the version string as described in the comment (Peter)

Committed, thanks.

Will you also send a patch for 2018.02.x?

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list