[Bug regex/18014] New: Additional CVE assignment for regcomp denial of service (CVE-2010-4052)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug regex/18014] New: Additional CVE assignment for regcomp denial of service (CVE-2010-4052)

macro@linux-mips.org
https://sourceware.org/bugzilla/show_bug.cgi?id=18014

            Bug ID: 18014
           Summary: Additional CVE assignment for regcomp denial of
                    service (CVE-2010-4052)
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: regex
          Assignee: unassigned at sourceware dot org
          Reporter: fweimer at redhat dot com
                CC: drepper.fsp at gmail dot com

This is a placeholder bug to document the second CVE mentioned in:
<http://seclists.org/fulldisclosure/2011/Jan/78>

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug regex/18014] Additional CVE assignment for regcomp denial of service (CVE-2010-4052)

macro@linux-mips.org
https://sourceware.org/bugzilla/show_bug.cgi?id=18014

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |DUPLICATE
              Flags|                            |security-

--- Comment #1 from Florian Weimer <fweimer at redhat dot com> ---
Per our Security Exceptions, this is not a security bug:

https://sourceware.org/glibc/wiki/Security%20Exceptions

In addition, the separate between the two CVEs is unclear, so closing as a
duplicate.

*** This bug has been marked as a duplicate of bug 18013 ***

--
You are receiving this mail because:
You are on the CC list for the bug.