CVE-2023-25139: glibc-2.37 sprintf buffer overflow

[Jan Schaumann <jschauma () netmeister org>]

Hi,

I just came across this and don't think I've seen a
note of it to this list:

CVE-2023-25139: a buffer overflow in sprintf(3) in
glibc-2.37:

https://sourceware.org/bugzilla/show_bug.cgi?id=30068

glibc-2.37 was released on 2023-02-01, so this isn't
going to be wide spread.

Fixed in
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=c980549cc6a1c03c23cc2fe3e7b0fe626a0364b0

-Jan