[ubuntu/bionic-proposed] glibc 2.26-0ubuntu3 (Accepted)
Chris Coulson
chris.coulson at canonical.com
Thu Jan 18 12:45:30 UTC 2018
glibc (2.26-0ubuntu3) bionic; urgency=medium
* SECURITY UPDATE: Memory leak in dynamic loader (ld.so)
- debian/patches/any/cvs-compute-correct-array-size-in-_dl_init_paths.diff:
Compute correct array size in _dl_init_paths
- CVE-2017-1000408
* SECURITY UPDATE: Buffer overflow in dynamic loader (ld.so)
- debian/patches/any/cvs-count-components-of-expanded-path-in-_dl_init_paths.diff:
Count components of the expanded path in _dl_init_path
- CVE-2017-1000409
* SECURITY UPDATE: One-byte overflow in glob
- debian/patches/any/cvs-fix-one-byte-glob-overflow.diff: Fix one-byte
overflow in glob
- CVE-2017-15670
* SECURITY UPDATE: Buffer overflow in glob
- debian/patches/any/cvs-fix-glob-buffer-overflow.diff: Fix buffer overflow
during GLOB_TILDE unescaping
- CVE-2017-15804
* SECURITY UPDATE: Local privilege escalation via mishandled RPATH / RUNPATH
- debian/patches/any/cvs-elf-check-for-empty-tokens.diff: elf: Check for
empty tokens before dynamic string token expansion
- CVE-2017-16997
* SECURITY UPDATE: Integer overflow in malloc()
- debian/patches/any/cvs-fix-integer-overflow-in-malloc.diff: Fix integer
overflow in malloc when tcache is enabled
- CVE-2017-17426
* SECURITY UPDATE: Buffer underflow in realpath()
- debian/patches/any/cvs-make-getcwd-fail-if-path-is-no-absolute.diff:
Make getcwd(3) fail if it cannot obtain an absolute path
- CVE-2018-1000001
Date: Fri, 12 Jan 2018 20:42:20 +0000
Changed-By: Chris Coulson <chris.coulson at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/glibc/2.26-0ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 12 Jan 2018 20:42:20 +0000
Source: glibc
Binary: libc-bin libc-dev-bin libc-l10n glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc6-armhf libc6-dev-armhf libc6-armel libc6-dev-armel libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-xen libc0.3-xen libc6.1-alphaev67
Architecture: source
Version: 2.26-0ubuntu3
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Chris Coulson <chris.coulson at canonical.com>
Description:
glibc-doc - GNU C Library: Documentation
glibc-source - GNU C Library: sources
libc-bin - GNU C Library: Binaries
libc-dev-bin - GNU C Library: Development binaries
libc-l10n - GNU C Library: localization files
libc0.1 - GNU C Library: Shared libraries
libc0.1-dbg - GNU C Library: detached debugging symbols
libc0.1-dev - GNU C Library: Development Libraries and Header Files
libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64
libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64
libc0.1-pic - GNU C Library: PIC archive library
libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
libc0.3 - GNU C Library: Shared libraries
libc0.3-dbg - GNU C Library: detached debugging symbols
libc0.3-dev - GNU C Library: Development Libraries and Header Files
libc0.3-pic - GNU C Library: PIC archive library
libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb)
libc0.3-xen - GNU C Library: Shared libraries [Xen version]
libc6 - GNU C Library: Shared libraries
libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64
libc6-armel - GNU C Library: ARM softfp shared libraries for armhf
libc6-armhf - GNU C Library: ARM hard float shared libraries for armel
libc6-dbg - GNU C Library: detached debugging symbols
libc6-dev - GNU C Library: Development Libraries and Header Files
libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64
libc6-dev-armel - GNU C Library: ARM softfp development libraries for armhf
libc6-dev-armhf - GNU C Library: ARM hard float development libraries for armel
libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64
libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS
libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64
libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64
libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64
libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64
libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries
libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC
libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC
libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64
libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64
libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS
libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64
libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64
libc6-pic - GNU C Library: PIC archive library
libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64
libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64
libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries
libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC
libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC
libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
libc6-x32 - GNU C Library: X32 ABI Shared libraries for AMD64
libc6-xen - GNU C Library: Shared libraries [Xen version]
libc6.1 - GNU C Library: Shared libraries
libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized)
libc6.1-dbg - GNU C Library: detached debugging symbols
libc6.1-dev - GNU C Library: Development Libraries and Header Files
libc6.1-pic - GNU C Library: PIC archive library
libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
locales - GNU C Library: National Language (locale) data [support]
locales-all - GNU C Library: Precompiled locale data
multiarch-support - Transitional package to ensure multiarch compatibility
nscd - GNU C Library: Name Service Cache Daemon
Changes:
glibc (2.26-0ubuntu3) bionic; urgency=medium
.
* SECURITY UPDATE: Memory leak in dynamic loader (ld.so)
- debian/patches/any/cvs-compute-correct-array-size-in-_dl_init_paths.diff:
Compute correct array size in _dl_init_paths
- CVE-2017-1000408
* SECURITY UPDATE: Buffer overflow in dynamic loader (ld.so)
- debian/patches/any/cvs-count-components-of-expanded-path-in-_dl_init_paths.diff:
Count components of the expanded path in _dl_init_path
- CVE-2017-1000409
* SECURITY UPDATE: One-byte overflow in glob
- debian/patches/any/cvs-fix-one-byte-glob-overflow.diff: Fix one-byte
overflow in glob
- CVE-2017-15670
* SECURITY UPDATE: Buffer overflow in glob
- debian/patches/any/cvs-fix-glob-buffer-overflow.diff: Fix buffer overflow
during GLOB_TILDE unescaping
- CVE-2017-15804
* SECURITY UPDATE: Local privilege escalation via mishandled RPATH / RUNPATH
- debian/patches/any/cvs-elf-check-for-empty-tokens.diff: elf: Check for
empty tokens before dynamic string token expansion
- CVE-2017-16997
* SECURITY UPDATE: Integer overflow in malloc()
- debian/patches/any/cvs-fix-integer-overflow-in-malloc.diff: Fix integer
overflow in malloc when tcache is enabled
- CVE-2017-17426
* SECURITY UPDATE: Buffer underflow in realpath()
- debian/patches/any/cvs-make-getcwd-fail-if-path-is-no-absolute.diff:
Make getcwd(3) fail if it cannot obtain an absolute path
- CVE-2018-1000001
Checksums-Sha1:
f91716b3153e4f2bc79931339b683846fb522197 8688 glibc_2.26-0ubuntu3.dsc
e186c0b06f818a6744c8177eb68810c356620e04 999608 glibc_2.26-0ubuntu3.debian.tar.xz
8645a900108c3ed7c2ed27b541d6cb37f2374376 8912 glibc_2.26-0ubuntu3_source.buildinfo
Checksums-Sha256:
440da5105a563b288d7c473d187e6b77e6ed1aa70a5702a153b1d9920a31b6d5 8688 glibc_2.26-0ubuntu3.dsc
7c7b8452bac5b08489f6fc1ea1c3e4c4ed26a3500a2bae814cfc87d98f8b6f69 999608 glibc_2.26-0ubuntu3.debian.tar.xz
d9045790008dd2ff841ca2ff93a866262682f58e7bc416e649ccd6a532ca405c 8912 glibc_2.26-0ubuntu3_source.buildinfo
Files:
9c76575351650623cab0e30a16018d43 8688 libs required glibc_2.26-0ubuntu3.dsc
84fbe0bab7335d8d2d4dc92804a60fe7 999608 libs required glibc_2.26-0ubuntu3.debian.tar.xz
18202f107f55481f382a595fed2604d1 8912 libs required glibc_2.26-0ubuntu3_source.buildinfo
Original-Maintainer: GNU Libc Maintainers <debian-glibc at lists.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJaYJWsAAoJEGVp2FWnRL6TXV8P/1IR452ZQF5AneBE8pk6m5lg
wSo6hRjMLFFChU9pBlrF6Gu222f8y0smF0MDSmHQvA+oh51766LDAj6vfXcGscUF
WaRFyvGvXkMCnqzEXKyIw38nxQEpzzhOXilmZMiF+u7rEFkBruzSRp2+4MNOrSSq
zp1QJ8CUtP0zJHn5zXpfa5VeYGwV/SsLqogwZrsRfII167b1cQobu2+LyJjtlkZi
5jRSxTWjDlKQOd2E6dyFDMSMXTFiHuCqJt/p2bgyAwzpoD83kLLYCsc4ALdGMXw1
Inb3Bq8CPcPA9zXcb88lHpofrMoWPri/Kc0/llJBQRaPK4q2Q6FiiTUW2iC036J2
yn0nk9j/aB/osIwNXAHCLjKEAumpfwLTabvG31i5ad/AFydX2YNovoqrlEca+Mi+
lo7sBD0nLb02m3BkfL8cDs8gRsdvbNme3Cmeg6aN0lJOQwbPYxNbIrLJg5JN7fyS
TEYfxjTNVA9o6KzsTgCn/rCVhuBD/WpdRCcHzlR9uGSNi6vQhLttfTkt+LDNme6Z
5lbhs7NoB+v3wksYnBzJxbeY6u8NfMROOCW8kcjtiNSooPn2j3njP4Ron6dJSPKc
GzS/r/1U0K+AzVuIJlznAdgReIiDC08whDsz3ZMzpu4Wbk4NqnEF0nZnEmgJCzYX
Qo06ZVP7VmVmSPEwQAtC
=zzuh
-----END PGP SIGNATURE-----
More information about the Bionic-changes
mailing list