From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <fweimer@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [216.205.24.124])
 by sourceware.org (Postfix) with ESMTP id 14B54393C854
 for <libc-alpha@sourceware.org>; Fri, 29 Jan 2021 16:39:36 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 14B54393C854
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-503-egVAPhlSNlirG1qM2lxU1A-1; Fri, 29 Jan 2021 11:39:34 -0500
X-MC-Unique: egVAPhlSNlirG1qM2lxU1A-1
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mimecast-mx01.redhat.com (Postfix) with ESMTPS id D6D8210054FF;
 Fri, 29 Jan 2021 16:39:32 +0000 (UTC)
Received: from oldenburg.str.redhat.com (ovpn-113-35.ams2.redhat.com
 [10.36.113.35])
 by smtp.corp.redhat.com (Postfix) with ESMTPS id 0951E1002382;
 Fri, 29 Jan 2021 16:39:31 +0000 (UTC)
From: Florian Weimer <fweimer@redhat.com>
To: Paul Zimmermann <Paul.Zimmermann@inria.fr>
Cc: libc-alpha@sourceware.org
Subject: Re: [PATCH] NEWS: Mention CVE-2021-3326 (iconv assertion with
 ISO-20220-JP-3)
References: <87tuqzwvoh.fsf@oldenburg.str.redhat.com>
 <mw8s8baec2.fsf@tomate.loria.fr>
Date: Fri, 29 Jan 2021 17:39:29 +0100
In-Reply-To: <mw8s8baec2.fsf@tomate.loria.fr> (Paul Zimmermann's message of
 "Fri, 29 Jan 2021 17:38:05 +0100")
Message-ID: <87a6srwvcu.fsf@oldenburg.str.redhat.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain
X-Spam-Status: No, score=-6.6 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH,
 DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_LOW,
 RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jan 2021 16:39:42 -0000

* Paul Zimmermann:

>        Dear Florian,
>
>> +  CVE-2021-3326: An assertion failure during conversion from from the
>
> duplicate "from"
>
>> +  qISO-20220-JP-3 character set using the iconv function has been fixed.
>> +  This assertion wis triggered by certain valid inputs in which the
>
> wis -> was
>
>> +  converted output contains a combined sequence of two wide characters
>> +  crossing a buffer boundary.  Reported by Tavis Ormandy.

Thanks, will send a v2.

Florian
-- 
Red Hat GmbH, https://de.redhat.com/ , Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Brian Klemm, Laurie Krebs, Michael O'Neill