Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 29 Dec 2014 01:06:25 +0100
From: Moritz Mühlenhoff <>
Cc: Fiedler Roman <>,
Subject: Re: parse_datetime() bug in coreutils

On Mon, Nov 24, 2014 at 06:47:24PM -0800, Seth Arnold wrote:
> Hello,
> Fiedler Roman discovered that coreutils' parse_datetime() function
> has some flaws that may be exploitable if the date(1), touch(1),
> or potentially other programs, accept untrusted input for certain
> parameters. While researching this issue, he discovered that it
> was independantly discovered by Bertrand Jacquin and reported at
> $ touch '--date=TZ="123"345" @1'
> Segmentation fault (core dumped)
> $ date '--date=TZ="123"345" @1'
> *** Error in `date': double free or corruption (out): 0x00007fffc9866c20 ***
> Aborted (core dumped)
> $
> The GNU bugtracker has this patch to fix the problem:
> and this patch to include the fix in coreutils and a small test case:
> Can a CVE please be assigned for this issue.

This CVE request seems to have fallen through the cracks,
adding to the recipients.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.