oss-sec mailing list archives

CVE request: glibc character set conversion from IBM code pages


From: Florian Weimer <fweimer () redhat com>
Date: Fri, 29 Aug 2014 14:24:26 +0200

In 2012, a crasher in IBM930 decoding was reported and fixed:

<https://sourceware.org/bugzilla/show_bug.cgi?id=14134>
<https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=6e230d11837f3a>

This change went into glibc 2.16.

Today, Adhemerval Zanella Netto reported in additional code page decoding functions (IBM933, IBM935, IBM937, IBM939, IBM1364):

<https://sourceware.org/bugzilla/show_bug.cgi?id=17325>
<https://sourceware.org/ml/libc-alpha/2014-08/msg00473.html>

Upstream commit is still pending.

These crashers are out-of-bounds reads at a fixed offset relative to the data segment of a DSO, and in all cases I've seen, they were right in the middle of an unmapped segment of the same DSO. This means that these bugs are just crashers, but they can still result in denial-of-service conditions.

Since the affected version ranges are not identical, this needs two separate CVE identifiers, probably one from 2012 and one from 2014.

--
Florian Weimer / Red Hat Product Security

