Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Jun 2017 11:28:17 +0800
From: "fefe" <qbenjin@...com>
To: "Peter Korsgaard" <peter@...sgaard.com>, "wbx" <wbx@...nadk.org>
Cc: "oss-security" <oss-security@...ts.openwall.com>
Subject: Re: two vulns in  uClibc-0.9.33.2

>> I found two vulns in  uClibc-0.9.33.2 (https://uclibc.org/)

>uClibc is dead. Active development happens on uClibc-ng. Is uClibc-ng
also affected by these issues?


uclibc_ng is also affected.
>> one is about line 2682 of get_subexp.c :

>I take it you are referring to libc/misc/regex/regexec.c?


yes. i am sorryŁĄ

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ