This is the mail archive of the
mailing list for the elfutils project.
Re: [PATCH] CVE-2014-0172 Check for overflow before calling malloc to uncompress data.
- From: Mark Wielaard <mjw at redhat dot com>
- To: elfutils-devel at lists dot fedorahosted dot org
- Date: Wed, 09 Apr 2014 23:26:20 +0200
- Subject: Re: [PATCH] CVE-2014-0172 Check for overflow before calling malloc to uncompress data.
On Wed, 2014-04-09 at 21:47 +0200, Kurt Roeckx wrote:
> Is there a plan to make a new release?
I wasn't planning one for just this fix. The patch is small enough for
people to apply if they want it right now. But it is about time to push
for 0.159. I was planning to do the dwz/alt-debug changes that have been
talked about recently on the list first. That will take a bit of time
since it will add a new interface. So maybe in 2 weeks. Lets aim for the
weekend of 26/27 of April?