Debian Bug report logs -
#975365
musl: CVE-2020-28928
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, team@security.debian.org, team@security.debian.org, Reiner Herrmann <reiner@reiner-h.de>
:
Bug#975365
; Package musl
.
(Sat, 21 Nov 2020 05:24:04 GMT) (full text, mbox, link).
Acknowledgement sent
to "Roberto C. Sanchez" <roberto@debian.org>
:
New Bug report received and forwarded. Copy sent to team@security.debian.org, team@security.debian.org, team@security.debian.org, Reiner Herrmann <reiner@reiner-h.de>
.
(Sat, 21 Nov 2020 05:24:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: musl
Severity: grave
Tags: security
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
The following vulnerability was published for musl.
CVE-2020-28928[0]:
wcsnrtombs destination buffer overflow
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2020-28928
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928
Please adjust the affected versions in the BTS as needed.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEIYZ1DR4ae5UL01q7ldFmTdL1kUIFAl+4oRoACgkQldFmTdL1
kUL5nhAAwJuNKh4eQodFdOANhHFe9Bi8q7Cf9/RFqONVhoUpD8cna7ANY472sfy/
0xZKPatOXvWBFJTyUTs2Z/AhNGy4+TomF4v0DQydo8PmZRY0SRkyqpdOr1bHEFx7
YbBX1XdBJLfCq4Uj8T+kGDSZvueqtdDIe8fGoGKnQD2UFKc9JSXBRZ0CZzwxyGda
feEsYfU/dFiP1aJgVv86WqJw5KYOtKEgmKmcur5PkfUfdrqL3wqR1JlP0OfxsT9H
SjGBVkmlUINWMfrKBZRirYTJUKFPxLPJDZNOB5dqvENVMxigEeIgGRYvPfJxK4P5
dc+1ayAUFBbwUq2k4Vs9TR+E6spyEbodwZXHUXCBchQb6+V8uVTa6Xd6Egvkah7E
xoIMnbre/5vlaWRJH09NaKhFKsE6eXMTv4boPdCC0IprGWIvo99PwuAFLrmpD7pK
TOQMt1XFts0nddMHtD2oVDiepT0NUhNFtUxzO05ZWZMC5eFDlCfiOgPjiFQV7/6U
UXSkEiB41Z5MHXmIJEKBD4gHutu0+nq/hhCsCKAO4vNbbHio2QE6zu7Yi9nKZlpt
aa7IZPWlgcw7yp2hBrz1ENSEPUWhpYUsUL6mq9HiqqWA7wrujbWzDOCvxEQg/TrU
BkyzFVZdMk3wFcjxy6bQipMlY4A5rq6yRPNflSUhHup8Gxoyfzs=
=Badk
-----END PGP SIGNATURE-----
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Sat, 21 Nov 2020 07:33:03 GMT) (full text, mbox, link).
Marked as found in versions musl/1.2.1-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Sat, 21 Nov 2020 07:33:04 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Sat Nov 21 10:37:45 2020;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.