From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 7543 invoked by alias); 3 Sep 2014 17:52:16 -0000 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org Received: (qmail 7473 invoked by uid 55); 3 Sep 2014 17:52:12 -0000 From: "cvs-commit at gcc dot gnu.org" To: glibc-bugs@sourceware.org Subject: [Bug localedata/17325] iconv from ccsid 937 to utf-8 access invalid memory (CVE-2014-6040) Date: Wed, 03 Sep 2014 17:52:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: localedata X-Bugzilla-Version: 2.20 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: cvs-commit at gcc dot gnu.org X-Bugzilla-Status: ASSIGNED X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: fweimer at redhat dot com X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: security+ X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-09/txt/msg00010.txt.bz2 https://sourceware.org/bugzilla/show_bug.cgi?id=17325 --- Comment #4 from cvs-commit at gcc dot gnu.org --- This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU C Library master sources". The branch, master has been updated via 41488498b6d9440ee66ab033808cce8323bba7ac (commit) from a78b712d405b55405b425e9b1453745615483003 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=41488498b6d9440ee66ab033808cce8323bba7ac commit 41488498b6d9440ee66ab033808cce8323bba7ac Author: Florian Weimer Date: Wed Sep 3 19:45:43 2014 +0200 CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325] These changes are based on the fix for BZ #14134 in commit 6e230d11837f3ae7b375ea69d7905f0d18eb79e5. ----------------------------------------------------------------------- Summary of changes: ChangeLog | 17 +++++++++++++++++ NEWS | 7 ++++++- iconvdata/Makefile | 1 + iconvdata/ibm1364.c | 3 ++- iconvdata/ibm932.c | 5 +++-- iconvdata/ibm933.c | 2 +- iconvdata/ibm935.c | 2 +- iconvdata/ibm937.c | 2 +- iconvdata/ibm939.c | 2 +- iconvdata/ibm943.c | 5 +++-- iconvdata/run-iconv-test.sh | 18 ++++++++++++++++++ 11 files changed, 54 insertions(+), 10 deletions(-) -- You are receiving this mail because: You are on the CC list for the bug.