[ubuntu/focal-security] klibc 2.0.7-1ubuntu5.1 (Accepted)
David Fernandez Gonzalez
david.fernandezgonzalez at canonical.com
Mon Apr 18 07:40:50 UTC 2022
klibc (2.0.7-1ubuntu5.1) focal-security; urgency=medium

  * SECURITY UPDATE: integer overflow in calloc
    - debian/patches/CVE-2021-31870.patch: add overflow check
      when performing the multiplication in usr/klibc/calloc.c.
    - CVE-2021-31870
  * SECURITY UPDATE: integer overflow in cpio
    - debian/patches/CVE-2021-31871.patch: remove cast to unsigned
      to avoid a possible overflow in 64 bit systems in
      usr/utils/cpio.c.
    - CVE-2021-31871
  * SECURITY UPDATE: integer overflow in read_in_new_ascii
    - debian/patches/CVE-2021-31872.patch: ensure that c_namesize
      and c_filesize are smaller than LONG_MAX in usr/utils/cpio.c.
    - CVE-2021-31872
  * SECURITY UPDATE: integer overflow in malloc
    - debian/patches/CVE-2021-31873.patch: ensure that size is smaller
      than PTRDIFF_MAX in usr/klibc/malloc.c.
    - CVE-2021-31873

Date: 2022-04-13 13:59:14.729974+00:00
Changed-By: David Fernandez Gonzalez <david.fernandezgonzalez at canonical.com>
https://launchpad.net/ubuntu/+source/klibc/2.0.7-1ubuntu5.1
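
The calloc and malloc entries above describe two allocator-side checks: rejecting a wrapped nmemb * size product, and rejecting sizes above PTRDIFF_MAX. The following is an added illustration of those two checks, not the klibc patches themselves (their contents are not shown in this message); the names `checked_malloc`, `checked_calloc` and `unchecked_total` are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical wrapper: refuse requests larger than PTRDIFF_MAX, so that
 * pointer differences inside the returned object stay representable. */
void *checked_malloc(size_t size)
{
    if (size > (size_t)PTRDIFF_MAX) {
        errno = ENOMEM;
        return NULL;
    }
    return malloc(size);
}

/* Hypothetical wrapper: detect wrap-around in nmemb * size before allocating. */
void *checked_calloc(size_t nmemb, size_t size)
{
    size_t total;
    void *p;

    /* nmemb * size overflows size_t exactly when nmemb > SIZE_MAX / size. */
    if (size != 0 && nmemb > SIZE_MAX / size) {
        errno = ENOMEM;
        return NULL;
    }
    total = nmemb * size;
    p = checked_malloc(total);
    if (p != NULL)
        memset(p, 0, total);
    return p;
}

/* For comparison: the product an allocator without the check would request.
 * A wrapped result yields a buffer far smaller than the caller expects. */
size_t unchecked_total(size_t nmemb, size_t size)
{
    return nmemb * size;
}
```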