subject:"Bug#1069191\: glibc\: GLIBC\-SA\-2024\-0004\/CVE\-2024\-2961\: ISO\-2022\-CN\-EXT\: fix out\-of\-bound writes when writing escape sequence"

Bug#1069191: glibc: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence

2024-04-22 Thread Charlemagne Lasse

Hi, Can this be backported to older Debian versions via the security repo? This bug can be used to execute code when using the PHP engine: * https://www.offensivecon.org/speakers/2024/charles-fol.html * https://www.openwall.com/lists/oss-security/2024/04/18/4

Bug#1069191: glibc: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence

2024-04-17 Thread Salvatore Bonaccorso

Source: glibc Version: 2.37-17 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 2.37-15 Control: found -1 2.36-9+deb12u5 Control: found -1 2.36-9+deb12u4 Control: found -1 2.36-9 Control: found -1 2.31-13+deb11u8 Control: found -1