From patchwork Thu May 24 10:22:28 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Florian Weimer <fweimer@redhat.com>
X-Patchwork-Id: 27482
Received: (qmail 49815 invoked by alias); 24 May 2018 10:22:35 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Unsubscribe: <mailto:libc-alpha-unsubscribe-##L=##H@sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>,
	<http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Delivered-To: mailing list libc-alpha@sourceware.org
Received: (qmail 49078 invoked by uid 89); 24 May 2018 10:22:33 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-23.4 required=5.0 tests=AWL, BAYES_00,
	GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3,
	KAM_LAZY_DOMAIN_SECURITY, KAM_NUMSUBJECT,
	SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=H*M:4f99,
	H*MI:4f99
X-HELO: mx1.redhat.com
To: GNU C Library <libc-alpha@sourceware.org>
From: Florian Weimer <fweimer@redhat.com>
Subject: [PATCH COMMITTED] Add references to CVE-2017-18269, CVE-2018-11236,
	CVE-2018-11237
Message-ID: <a0c7db0f-b81b-3f7e-4f99-e3047085fbe5@redhat.com>
Date: Thu, 24 May 2018 12:22:28 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
	Thunderbird/52.7.0
MIME-Version: 1.0

This patch is just a ChangeLog and NEWS update for CVE assignments. 
Committed.

Thanks,
Florian

commit 43d4f3d5ad94e1fa5e56d7a7200d0e9f3d8e2f02
Author: Florian Weimer <fweimer@redhat.com>
Date:   Thu May 24 12:19:11 2018 +0200

    Add references to CVE-2017-18269, CVE-2018-11236, CVE-2018-11237

diff --git a/ChangeLog b/ChangeLog
index 56a3aa337d..e01136c6eb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -817,6 +817,7 @@
 2018-05-09  Paul Pluzhnikov  <ppluzhnikov@google.com>
 
 	[BZ #22786]
+	CVE-2018-11236
 	* stdlib/canonicalize.c (__realpath): Fix overflow in path length
 	computation.
 	* stdlib/Makefile (test-bz22786): New test.
@@ -2676,6 +2677,7 @@
 	    Max Horn  <max@quendi.de>
 
 	[BZ #22644]
+	CVE-2017-18269
 	* sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S: Fixed
 	branch conditions.
 	* string/test-memmove.c (do_test2): New testcase.
diff --git a/NEWS b/NEWS
index 1577f4310f..e2a6f45121 100644
--- a/NEWS
+++ b/NEWS
@@ -109,6 +109,17 @@ Security related changes:
   the system-provided libidn2 library instead.  Originally reported by Hanno
   Böck and Christian Weisgerber.
 
+  CVE-2017-18269: An SSE2-based memmove implementation for the i386
+  architecture could corrupt memory.  Reported by Max Horn.
+
+  CVE-2018-11236: Very long pathname arguments to realpath function could
+  result in an integer overflow and buffer overflow.  Reported by Alexey
+  Izbyshev.
+
+  CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi
+  architecture could write beyond the target buffer, resulting in a buffer
+  overflow.  Reported by Andreas Schwab.
+
 The following bugs are resolved with this release:
 
   [The release manager will add the list generated by