[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2023-25139: glibc-2.37 sprintf buffer overflow
From:       Jan Schaumann <jschauma () netmeister ! org>
Date:       2023-02-10 21:47:33
Message-ID: Y+a7dYG9Qm89wuij () netmeister ! org
[Download RAW message or body]

Hi,

I just came across this and don't think I've seen a
note of it to this list:

CVE-2023-25139: a buffer overflow in sprintf(3) in
glibc-2.37:

https://sourceware.org/bugzilla/show_bug.cgi?id=30068

glibc-2.37 was released on 2023-02-01, so this isn't
going to be wide spread.

Fixed in
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=c980549cc6a1c03c23cc2fe3e7b0fe626a0364b0

-Jan
[prev in list] [next in list] [prev in thread] [next in thread]