Date: Thu, 5 Mar 2026 18:32:52 +0000 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Baptiste Daroussin <bapt@FreeBSD.org> Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: Re: git: 6d2a147ae558 - main - libedit: fix use after free Message-ID: <zlt4stvx7gmbfgrwip4zydmvccy3vf3nuzzwzatbsinqlqmttl@qxjuii6bnlpe> In-Reply-To: <a7r3vhbqhfg55k2j2odj6erv7evnqy7toquklzdvxwuk4i6szi@vppnhodbefly> References: <69a9aba5.38ca9.25c6649c@gitrepo.freebsd.org> <a7r3vhbqhfg55k2j2odj6erv7evnqy7toquklzdvxwuk4i6szi@vppnhodbefly>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Thu, Mar 05, 2026 at 05:49:51PM +0000, Shawn Webb wrote: > On Thu, Mar 05, 2026 at 04:13:25PM +0000, Baptiste Daroussin wrote: > > The branch main has been updated by bapt: > > > > URL: https://cgit.FreeBSD.org/src/commit/?id=6d2a147ae558ef423e3df451a9049200b291a8d0 > > > > commit 6d2a147ae558ef423e3df451a9049200b291a8d0 > > Author: Baptiste Daroussin <bapt@FreeBSD.org> > > AuthorDate: 2026-03-05 16:12:51 +0000 > > Commit: Baptiste Daroussin <bapt@FreeBSD.org> > > CommitDate: 2026-03-05 16:13:08 +0000 > > > > libedit: fix use after free > > --- > > contrib/libedit/map.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > Hey Baptiste, > > UAF bugs are typically thought to be security issues. Does this > particular fix warrant a security advisory? The log is unfortunately > lacking much useful metadata usually included in these kinds of > commits. Chatted out-of-band with another FreeBSD developer. Turns out this UAF only existed in main for nine hours. Didn't make it to a stable or releng branch. A Fixes: tag probably could've helped address the confusion. Thanks, -- Shawn Webb Cofounder / Security Engineer HardenedBSD Signal Username: shawn_webb.74 Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmmpzEwACgkQ/y5nonf4 4foX2Q/+Lav/cuHoB24v2wvfpAavKUC2nmAE0YtpvgwKg32BphNqEYtSo4a7F+Dt pGgNBhsjsNWmEOSInpe0Gv2N61pl99aIjvwklFRTDDgFPke1GIrbe2H9Uio58ScU G/m4MaeWvHi4/kMWTEzXy0xP2jPRTu45PnqXW2BPWFTN7SaZQZPkUNdqSGbdm7sY msqN4QNg5VvDcyRjlmPw+A4ox4HUoGOAy8RRMiJf4AtQ7jOrP8bC3VvmmaGaNY6w KXp+03/Siq0MUZXk2QydsLFeQT6uwk30gETu7tskimeZKQJLmccwtoDnx+hs1hh+ IGsrnNWuFo9IjltPbccFhaPT6HgpCTjlMxiCqrEHPHoYgNZo0d9FsO3fJMdshd9+ F3ILUd3XQf1KtnmiCzLcJSMHgGx1koizKGtBsfW7RJ0I2ei2wpEhGNgp8ptZKtzB ghKde5PT8uYY5ZTyslT65zXcSVO4jkIXUDJ6UGXo21ODiTKuPZo9OEOE2o6oqlEP kuRpe8ltAHVloj+autvpE5g61bO07gAqEwCNRT18sr1iSWpc82/DPw8RkFnjSXpp z9MUqMHkj1vuLTLswpQ7Ghe+Xrin23R3X3gkLhqgeC+l+FaTG/lT5IgZvI3aByUr nLoCbGZSk2hXjKrKX+Z+3qGv6TQgbgibYemObII5oTHSz6h4juQ= =KzF6 -----END PGP SIGNATURE-----home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?zlt4stvx7gmbfgrwip4zydmvccy3vf3nuzzwzatbsinqlqmttl>