oss-sec mailing list archives
Re: two vulns in uClibc-0.9.33.2
From: "fefe" <qbenjin () qq com>
Date: Wed, 21 Jun 2017 11:28:17 +0800
I found two vulns in uClibc-0.9.33.2 (https://uclibc.org/)
uClibc is dead. Active development happens on uClibc-ng. Is uClibc-ng
also affected by these issues? uclibc_ng is also affected.
one is about line 2682 of get_subexp.c :
I take it you are referring to libc/misc/regex/regexec.c?
yes. i am sorry??
Current thread:
- Re: two vulns in uClibc-0.9.33.2, (continued)
- Re: two vulns in uClibc-0.9.33.2 Zach W (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Peter Korsgaard (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Seth Arnold (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Kurt Seifried (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Michal Zalewski (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Bob Friesenhahn (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Florian Weimer (Jun 17)
- Re: two vulns in uClibc-0.9.33.2 Michal Zalewski (Jun 17)
- Re: two vulns in uClibc-0.9.33.2 Simon McVittie (Jun 17)
- Re: two vulns in uClibc-0.9.33.2 Jakub Wilk (Jun 17)
- Re: two vulns in uClibc-0.9.33.2 Waldemar Brodkorb (Jun 23)
- re: two vulns in uClibc-0.9.33.2 fefe (Jun 26)