This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] glob: Fix one-byte overflow [BZ #22320]

From: Florian Weimer <fw at deneb dot enyo dot de>
To: Joseph Myers <joseph at codesourcery dot com>
Cc: GNU C Library <libc-alpha at sourceware dot org>
Date: Fri, 20 Oct 2017 18:32:22 +0200
Subject: Re: [PATCH] glob: Fix one-byte overflow [BZ #22320]
Authentication-results: sourceware.org; auth=none
References: <aecce8a1-86a1-4ea0-bc7d-bccdbb7e1364@redhat.com> <alpine.DEB.2.20.1710201615000.13420@digraph.polyomino.org.uk>

* Joseph Myers:

> On Fri, 20 Oct 2017, Florian Weimer wrote:
>
>> I plan to commit this once we have the CVE ID from MITRE.
>
> Commits should not need to wait for CVEs; the NEWS entry for a security 
> fix can be updated with the CVE later once available.

Thanks for the reminder.  Recent turnaround times from MITRE were
amazingly fast, so I thought I would wait this time.  But you are
right, I should commit this now without a CVE ID.

References:
- [PATCH] glob: Fix one-byte overflow [BZ #22320]
  - From: Florian Weimer
- Re: [PATCH] glob: Fix one-byte overflow [BZ #22320]
  - From: Joseph Myers

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]