An out-of-bounds heap write vulnerability was found in date. A maliciously crafted TZ variable could be used to run arbitrary code as the user running date.
Acknowledgments: Pádraig Brady
As the fix is already pushed to public git repositories, could the embargo be canceled and the corresponding bugs made public? Thanks in advance!
Upstream patch: http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commitdiff;h=94e01571
This really is a gnulib issue, and gnulib is embedded in coreutils.