This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[PATCH] Record CVE-2018-6485 in ChangeLog and NEWS [BZ #22343]

From: Florian Weimer <fweimer at redhat dot com>
To: GNU C Library <libc-alpha at sourceware dot org>, "Dmitry V. Levin" <ldv at altlinux dot org>
Date: Thu, 1 Feb 2018 15:24:51 +0100
Subject: [PATCH] Record CVE-2018-6485 in ChangeLog and NEWS [BZ #22343]
Authentication-results: sourceware.org; auth=none

I got another CVE assignment from MITRE for the posix_memalign issue.Can we still install it?

Arjun is looking into the malloc fix; we have some disagreement there towhat extent it is a separate issue. I do not observe it with our2.17-based build on i386. If the affected version range is differentfrom the posix_memalign issue, technically, we should assign a separateCVE ID (but it doesn't make sense to stop the release for that).


Thanks,
Florian

Follow-Ups:
- Re: [PATCH] Record CVE-2018-6485 in ChangeLog and NEWS [BZ #22343]
  - From: Dmitry V. Levin

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]