This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Updating NEWS for 2.26

From: Florian Weimer <fw at deneb dot enyo dot de>
To: Florian Weimer <fweimer at redhat dot com>
Cc: Siddhesh Poyarekar <siddhesh at gotplt dot org>, Joseph Myers <joseph at codesourcery dot com>, libc-alpha at sourceware dot org
Date: Tue, 01 Aug 2017 23:16:48 +0200
Subject: Re: Updating NEWS for 2.26
Authentication-results: sourceware.org; auth=none
References: <alpine.DEB.2.20.1707031405010.28799@digraph.polyomino.org.uk> <alpine.DEB.2.20.1707301215090.7770@digraph.polyomino.org.uk> <a11ad975-c6cf-a183-8b94-ec9a0345ad0c@gotplt.org> <a2091075-9287-130a-8a7a-fb1365008f4c@redhat.com> <617bfbcf-411f-c6b3-1d05-12ba322e9fde@gotplt.org> <09d6e2fd-ec10-b01a-8b4b-1bfc2feb5ede@redhat.com>

* Florian Weimer:

> On 08/01/2017 11:20 AM, Siddhesh Poyarekar wrote:
>> On Tuesday 01 August 2017 02:16 PM, Florian Weimer wrote:
>>> * A use-after-free vulnerability in clntudp_call in the Sun RPC system
>>> has been fixed.
>> 
>> Is there a CVE number for this or just a preventive fix you put in?
>
> There will be a CVE number, but I haven't got one yet, sorry.

We have CVE assignments now:

https://sourceware.org/bugzilla/show_bug.cgi?id=CVE-2017-12132
https://sourceware.org/bugzilla/show_bug.cgi?id=CVE-2017-12133

References:
- Re: Updating NEWS for 2.26
  - From: Florian Weimer
- Re: Updating NEWS for 2.26
  - From: Siddhesh Poyarekar
- Re: Updating NEWS for 2.26
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]