CVE-2015-2305 in llvm-toolchain-3.6
harald at a-little-linux-box.at
harald at a-little-linux-box.at
Sat Apr 16 18:24:41 UTC 2016
Dear LLVM maintainers,
could you please apply CVE-2015-2305.patch to llvm-toolchain-3.6 and do
an upload?
As llvm still pulling in version 3.6 this should IMHO be fixed. The
patch from 3.5 applies with a little offset:
root at pc:/usr/src/llvm-toolchain-3.6-3.6.2# patch -p1 < CVE-2015-2305.patch
patching file lib/Support/regcomp.c
Hunk #1 succeeded at 169 (offset 8 lines).
Hunk #2 succeeded at 192 (offset 8 lines).
Could not do a test build as I do not have the ressources but the almost
cleanly applying patch suggests that there should be no regressions not
already detected in 3.5.
Kind regards
Harald Jenny
More information about the Pkg-llvm-team
mailing list