[Bug 1929105] Re: CVE-2021-3326: The iconv app in glibc when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion & aborts

[Alex Murray]

@mwhudson - there is a test case already in the upstream patch:
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1929105

Title:
  CVE-2021-3326: The iconv app in glibc when processing invalid input
  sequences in the ISO-2022-JP-3 encoding, fails an assertion  & aborts

Status in GLibC:
  Fix Released
Status in glibc package in Ubuntu:
  Fix Released
Status in glibc source package in Bionic:
  New
Status in glibc source package in Focal:
  New
Status in glibc source package in Groovy:
  Won't Fix

Bug description:
  The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and
  earlier, when processing invalid input sequences in the ISO-2022-JP-3
  encoding, fails an assertion in the code path and aborts the program,
  potentially resulting in a denial of service.

  Ref.: https://ubuntu.com/security/CVE-2021-3326

To manage notifications about this bug go to:
https://bugs.launchpad.net/glibc/+bug/1929105/+subscriptions