This is the mail archive of the
mailing list for the elfutils project.
[Bug general/22976] global-buffer-overflow in ebl_dynamic_tag_name (libebl/ebldynamictagname.c)
- From: "mark at klomp dot org" <sourceware-bugzilla at sourceware dot org>
- To: elfutils-devel at sourceware dot org
- Date: Mon, 26 Mar 2018 12:17:24 +0000
- Subject: [Bug general/22976] global-buffer-overflow in ebl_dynamic_tag_name (libebl/ebldynamictagname.c)
- Auto-submitted: auto-generated
- References: <email@example.com/bugzilla/>
--- Comment #3 from Mark Wielaard <mark at klomp dot org> ---
I noticed there is a CVE linked to this bug report:
Note that this bug was NOT in a released version of elfutils.
It was introduced by the import of elf.h by:
Author: Mark Wielaard <firstname.lastname@example.org>
Date: Sat Feb 17 00:23:19 2018 +0100
libelf: Sync elf.h from glibc.
Signed-off-by: Mark Wielaard <email@example.com>
This was done after 0.170 was released.
But that commit was backported into the Fedora elfutils package as part of the
elfutils-0.170-elf_sync.patch to add some other non-related PowerPC
You are receiving this mail because:
You are on the CC list for the bug.