Bug Fixes
These patches have been reported but not yet approved:
- 2017-11-08: heap overflow in ucs2any of font-util 1.3.1
- 2017-10-29: heap overflow while parsing patterns in gimp 2.9.6
- 2017-06-25: out of boundary access in kmod 24
- 2017-01-22: signal race condition in dwm 6.1
- 2017-01-07: possibly illegal unmap in ffmpeg 3.2.2
- 2016-06-09: out of boundary read in pacsort of pacman 5.0.1
- 2016-06-06: endless loop with invalid signatures in pacman 5.0.1 (CVE-2016-5434)
- 2016-06-02: stack overflow during symlink handling in pacman 5.0.1
- 2015-10-03: documentation typo in tar 1.28
- 2015-09-02: multiple catopen issues in glibc 2.22
- 2015-08-28: overflows and division by zero in kbd 2.0.3
- 2015-07-12: buffer overflow in glibc 2.21
- 2015-07-12: unterminated string in make 4.1
- 2015-07-12: unterminated string in libdrm 2.4.62
- 2015-07-10: NULL pointer dereference in e2fsprogs 1.42.13
- 2015-06-22: buffer overflow ($PWD) in which 2.21
- 2015-06-22: out of boundary access ($HOME) in which 2.21
- 2015-06-22: buffer overflow with long paths in which 2.21
- 2015-02-06: overflow during config handling in sysklogd 1.5.1
And this patch was rejected without a really good reason: