[LLVMbugs] [Bug 23060] CVE-2015-2305 regex heap overflow

Mon Mar 30 17:11:44 PDT 2015

https://llvm.org/bugs/show_bug.cgi?id=23060

Michael Gilbert <mgilbert at debian.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |---

--- Comment #4 from Michael Gilbert <mgilbert at debian.org> ---
r228507 fixes unCVEified integer overflows in allocset().

CVE-2015-2305 is about a different heap overflow in regcomp(), and still needs
to be fixed.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20150331/749c3127/attachment.html>