Glibc glob patch

tristan twem2 at
Mon Jan 14 01:47:57 PST 2002

On Sat, Jan 12, 2002 at 06:02:53PM +0000, Mark Binns wrote:
> On Sat, 12 Jan 2002, Bruce Dubbs wrote:
> > I don't see a patch in the book, but I did find:
> >
> >
> > and its follow up:
> >
> >
> Ah ha! That looks like the one. Is that patch for their development (cvs)
> glibc or the 2.2.4 release? It may be worth including the patch in the
> book if the 2.2.4 release leaves you open to remote root exploits if
> you're running some ftpds.

The patch seems to have been accepted, its in the ChangeLog for
2.2.5pre1 - 

2001-11-29  Jakub Jelinek  <jakub at>

        * sysdeps/generic/glob.c (next_brace_sub): Return NULL if braces
        don't match, fix {{a,b},c} globbing, clean up.
        Patch by Flavio Veloso <flaviovs at>.

I should think this means that it is applicable to 2.2.4

Unsubscribe: send email to listar at
and put 'unsubscribe lfs-security' in the subject header of the message

More information about the lfs-security mailing list