* [PATCH] NEWS: Document CVE-2023-25139.
@ 2023-02-06 15:36 Carlos O'Donell
2023-02-06 18:36 ` Siddhesh Poyarekar
0 siblings, 1 reply; 3+ messages in thread
From: Carlos O'Donell @ 2023-02-06 15:36 UTC (permalink / raw)
To: libc-alpha, siddhesh; +Cc: Carlos O'Donell
---
NEWS | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/NEWS b/NEWS
index b227e72c9c..a7979a9cd3 100644
--- a/NEWS
+++ b/NEWS
@@ -21,7 +21,12 @@ Changes to build and runtime requirements:
Security related changes:
- [Add security related changes here]
+ CVE-2023-25139: When the printf family of functions is called with a
+ format specifier that uses an <apostrophe> (enable grouping) and a
+ minimum width specifier, the resulting output could be larger than
+ reasonably expected by a caller that computed a tight bound on the
+ buffer size. The resulting larger than expected output could result
+ in a buffer overflow in the printf family of functions.
The following bugs are resolved with this release:
--
2.39.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] NEWS: Document CVE-2023-25139.
2023-02-06 15:36 [PATCH] NEWS: Document CVE-2023-25139 Carlos O'Donell
@ 2023-02-06 18:36 ` Siddhesh Poyarekar
2023-02-07 23:39 ` Carlos O'Donell
0 siblings, 1 reply; 3+ messages in thread
From: Siddhesh Poyarekar @ 2023-02-06 18:36 UTC (permalink / raw)
To: Carlos O'Donell; +Cc: libc-alpha
On Mon, Feb 6, 2023 at 10:36 AM Carlos O'Donell <carlos@redhat.com> wrote:
>
> ---
> NEWS | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/NEWS b/NEWS
> index b227e72c9c..a7979a9cd3 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -21,7 +21,12 @@ Changes to build and runtime requirements:
>
> Security related changes:
>
> - [Add security related changes here]
> + CVE-2023-25139: When the printf family of functions is called with a
> + format specifier that uses an <apostrophe> (enable grouping) and a
> + minimum width specifier, the resulting output could be larger than
> + reasonably expected by a caller that computed a tight bound on the
> + buffer size. The resulting larger than expected output could result
> + in a buffer overflow in the printf family of functions.
>
LGTM.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] NEWS: Document CVE-2023-25139.
2023-02-06 18:36 ` Siddhesh Poyarekar
@ 2023-02-07 23:39 ` Carlos O'Donell
0 siblings, 0 replies; 3+ messages in thread
From: Carlos O'Donell @ 2023-02-07 23:39 UTC (permalink / raw)
To: Siddhesh Poyarekar; +Cc: libc-alpha
On 2/6/23 13:36, Siddhesh Poyarekar wrote:
> On Mon, Feb 6, 2023 at 10:36 AM Carlos O'Donell <carlos@redhat.com> wrote:
>>
>> ---
>> NEWS | 7 ++++++-
>> 1 file changed, 6 insertions(+), 1 deletion(-)
>>
>> diff --git a/NEWS b/NEWS
>> index b227e72c9c..a7979a9cd3 100644
>> --- a/NEWS
>> +++ b/NEWS
>> @@ -21,7 +21,12 @@ Changes to build and runtime requirements:
>>
>> Security related changes:
>>
>> - [Add security related changes here]
>> + CVE-2023-25139: When the printf family of functions is called with a
>> + format specifier that uses an <apostrophe> (enable grouping) and a
>> + minimum width specifier, the resulting output could be larger than
>> + reasonably expected by a caller that computed a tight bound on the
>> + buffer size. The resulting larger than expected output could result
>> + in a buffer overflow in the printf family of functions.
>>
>
> LGTM.
>
> Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
>
Thanks. Pushed. I'm backporting to release/2.37/master right now.
--
Cheers,
Carlos.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-02-07 23:39 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-02-06 15:36 [PATCH] NEWS: Document CVE-2023-25139 Carlos O'Donell
2023-02-06 18:36 ` Siddhesh Poyarekar
2023-02-07 23:39 ` Carlos O'Donell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).