[LLVMbugs] [Bug 23060] New: CVE-2015-2305 regex heap overflow

Sat Mar 28 19:11:44 PDT 2015

https://llvm.org/bugs/show_bug.cgi?id=23060

            Bug ID: 23060
           Summary: CVE-2015-2305 regex heap overflow
           Product: libraries
           Version: 3.0
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: Support Libraries
          Assignee: unassignedbugs at nondot.org
          Reporter: mgilbert at debian.org
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

A CVE was assigned to the regex library embedded in llvm, which is used in the
library and a few tools.

It's not clear whether there is any practical effect for llvm specifically, but
it's probably worth checking.

For more information, see the debian bug report:
https://bugs.debian.org/778392

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20150329/416b525f/attachment.html>