mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-24 22:10:13 +00:00
Record CVE-2019-9169 in NEWS and ChangeLog [BZ #24114]
This commit is contained in:
parent
066ae81ec9
commit
b626c5aa5d
@ -1576,6 +1576,7 @@
|
||||
|
||||
2019-01-31 Paul Eggert <eggert@cs.ucla.edu>
|
||||
|
||||
CVE-2019-9169
|
||||
regex: fix read overrun [BZ #24114]
|
||||
Problem found by AddressSanitizer, reported by Hongxu Chen in:
|
||||
https://debbugs.gnu.org/34140
|
||||
|
4
NEWS
4
NEWS
@ -46,6 +46,10 @@ Security related changes:
|
||||
memcmp gave the wrong result since it treated the size argument as
|
||||
zero. Reported by H.J. Lu.
|
||||
|
||||
CVE-2019-9169: Attempted case-insensitive regular-expression match
|
||||
via proceed_next_node in posix/regexec.c leads to heap-based buffer
|
||||
over-read. Reported by Hongxu Chen.
|
||||
|
||||
The following bugs are resolved with this release:
|
||||
|
||||
[The release manager will add the list generated by
|
||||
|
Loading…
Reference in New Issue
Block a user