contrib: Fix CVE-2018-12356 by hardening the regex #13479

pull loganaden wants to merge 1 commits into bitcoin:master from hackersdotmu:master changing 1 files +1 −1
  1. loganaden commented at 5:47 PM on June 15, 2018: none

    Detailed write-up here: https://neopg.io/blog/pass-signature-spoof/

  2. Fix CVE-2018-12356 by hardening the regex. 9e2e5626da
  3. MarcoFalke deleted a comment on Jun 15, 2018
  4. laanwj added the label Utils/log/libs on Jun 15, 2018
  5. laanwj commented at 7:50 PM on June 15, 2018: member

    utACK 9e2e5626dabb7208dafedcc9904940b666be1c3b Thanks!

  6. laanwj requested review from TheBlueMatt on Jun 15, 2018
  7. TheBlueMatt commented at 8:10 PM on June 15, 2018: member

    utACK

    On June 15, 2018 5:47:22 PM UTC, Loganaden Velvindron notifications@github.com wrote:

    Detailed write-up here: https://neopg.io/blog/pass-signature-spoof/ You can view, comment on, or merge this pull request online at:

    #13479

    -- Commit Summary --

    • Fix CVE-2018-12356 by hardening the regex.

    -- File Changes --

    M contrib/verify-commits/gpg.sh (2)

    -- Patch Links --

    https://github.com/bitcoin/bitcoin/pull/13479.patch https://github.com/bitcoin/bitcoin/pull/13479.diff

    -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/bitcoin/bitcoin/pull/13479

  8. practicalswift commented at 8:12 PM on June 15, 2018: contributor

    utACK 9e2e5626dabb7208dafedcc9904940b666be1c3b

    Thanks for noticing and fixing!

  9. MarcoFalke commented at 8:33 PM on June 15, 2018: member

    utACK 9e2e5626dabb7208dafedcc9904940b666be1c3b

  10. Empact commented at 9:16 PM on June 15, 2018: member

    utACK 9e2e562

  11. ken2812221 commented at 12:42 AM on June 16, 2018: contributor

    utACK 9e2e562

  12. Empact commented at 12:59 AM on June 16, 2018: member

    @loganaden is “\A” applicable here?

  13. laanwj renamed this:
    Fix CVE-2018-12356 by hardening the regex.
    contrib: Fix CVE-2018-12356 by hardening the regex
    on Jun 16, 2018
  14. laanwj merged this on Jun 16, 2018
  15. laanwj closed this on Jun 16, 2018
  16. laanwj referenced this in commit fa2ea37940 on Jun 16, 2018
  17. kanzure commented at 1:56 PM on June 16, 2018: contributor

    Needs comment about CVE-2018-12356 otherwise someone might revert that during future rewrite.

  18. PenTesting referenced this in commit 28fa7e2db7 on Jun 1, 2019
  19. PastaPastaPasta referenced this in commit 3979f24d3f on Jul 7, 2020
  20. DrahtBot locked this on Sep 8, 2021
Contributors
loganadenlaanwjTheBlueMattpracticalswiftMarcoFalkeEmpactken2812221kanzure


TheBlueMatt

Labels
Utils/log/libs
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 15:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me