[ubuntu/hardy-security] glibc, glibc_2.7-10ubuntu8.1_lpia_translations.tar.gz, glibc_2.7-10ubuntu8.1_amd64_translations.tar.gz, glibc_2.7-10ubuntu8.1_powerpc_translations.tar.gz, glibc_2.7-10ubuntu8.1_i386_translations.tar.gz 2.7-10ubuntu8.1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Fri Mar 9 03:37:03 UTC 2012


glibc (2.7-10ubuntu8.1) hardy-security; urgency=low

  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE:
    - debian/patches/any/submitted-nis-shadow.diff remove encrypted
      passwords from passwd entries, and add them in shadow entries and
      fix incorrect password overwriting
    - CVE-2010-0015
  * SECURITY UPDATE: memory consumption denial of service in fnmatch
    - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
      stack use in fnmatch.
    - CVE-2011-1071
  * SECURITY UPDATE: /etc/mtab corruption denial of service
    - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
      error in addmnt even for cached streams
    - CVE-2011-1089
  * SECURITY UPDATE: insufficient locale environment sanitization
    - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
      LANG environment variable.
    - CVE-2011-1095
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: fnmatch integer overflow
    - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
      pattern in wide character representation
    - CVE-2011-1659
  * SECURITY UPDATE: signedness bug in memcpy_ssse3
    - debian/patches/any/glibc-CVE-2011-2702.patch: use unsigned
      comparison instructions
    - CVE-2011-2702
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864

Date: Tue, 06 Mar 2012 10:06:52 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/glibc/2.7-10ubuntu8.1
-------------- next part --------------
Format: 1.7
Date: Tue, 06 Mar 2012 10:06:52 -0800
Source: glibc
Binary: glibc-doc glibc-source locales locales-all nscd libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-sparcv9b libc6-sparcv9v libc6-sparcv9v2 libc6-sparc64b libc6-sparc64v libc6-sparc64v2 libc6-i686 libc6-xen libc0.1-i686 libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb
Architecture: source
Version: 2.7-10ubuntu8.1
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 glibc-doc  - GNU C Library: Documentation
 glibc-source - GNU C Library: sources
 libc0.1    - GNU C Library: Shared libraries
 libc0.1-dbg - GNU C Library: Libraries with debugging symbols
 libc0.1-dev - GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc0.1-pic - GNU C Library: PIC archive library
 libc0.1-prof - GNU C Library: Profiling Libraries
 libc0.1-udeb - GNU C Library: Shared libraries - udeb
 libc0.3    - GNU C Library: Shared libraries
 libc0.3-dbg - GNU C Library: Libraries with debugging symbols
 libc0.3-dev - GNU C Library: Development Libraries and Header Files
 libc0.3-pic - GNU C Library: PIC archive library
 libc0.3-prof - GNU C Library: Profiling Libraries
 libc0.3-udeb - GNU C Library: Shared libraries - udeb
 libc6      - GNU C Library: Shared libraries
 libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - GNU C Library: Libraries with debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64
 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64
 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64
 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64
 libc6-dev-s390x - GNU C Library: 64bit Development Libraries for IBM zSeries
 libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC
 libc6-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc6-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - GNU C Library: PIC archive library
 libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64
 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-prof - GNU C Library: Profiling Libraries
 libc6-s390x - GNU C Library: 64bit Shared libraries for IBM zSeries
 libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-sparc64b - GNU C Library: 64bit Shared libraries for UltraSPARC [v9b optimiz
 libc6-sparc64v - GNU C Library: 64bit Shared libraries for UltraSPARC [v9v optimiz
 libc6-sparc64v2 - GNU C Library: 64bit Shared libraries for UltraSPARC [v9v2 optimi
 libc6-sparcv9b - GNU C Library: Shared libraries [v9b optimized]
 libc6-sparcv9v - GNU C Library: Shared libraries [v9v optimized]
 libc6-sparcv9v2 - GNU C Library: Shared libraries [v9v2 optimized]
 libc6-udeb - GNU C Library: Shared libraries - udeb
 libc6-xen  - GNU C Library: Shared libraries [Xen version]
 libc6.1    - GNU C Library: Shared libraries
 libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - GNU C Library: Libraries with debugging symbols
 libc6.1-dev - GNU C Library: Development Libraries and Header Files
 libc6.1-pic - GNU C Library: PIC archive library
 libc6.1-prof - GNU C Library: Profiling Libraries
 libc6.1-udeb - GNU C Library: Shared libraries - udeb
 libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb
 libnss-files-udeb - GNU C Library: NSS helper for files - udeb
 locales    - GNU C Library: National Language (locale) data [support]
 locales-all - GNU C Library: Precompiled locale data
 nscd       - GNU C Library: Name Service Cache Daemon
Launchpad-Bugs-Fixed: 901716 906961
Changes: 
 glibc (2.7-10ubuntu8.1) hardy-security; urgency=low
 .
   * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
     - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
       TZ file header
     - CVE-2009-5029
   * SECURITY UPDATE:
     - debian/patches/any/submitted-nis-shadow.diff remove encrypted
       passwords from passwd entries, and add them in shadow entries and
       fix incorrect password overwriting
     - CVE-2010-0015
   * SECURITY UPDATE: memory consumption denial of service in fnmatch
     - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
       stack use in fnmatch.
     - CVE-2011-1071
   * SECURITY UPDATE: /etc/mtab corruption denial of service
     - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
       error in addmnt even for cached streams
     - CVE-2011-1089
   * SECURITY UPDATE: insufficient locale environment sanitization
     - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
       LANG environment variable.
     - CVE-2011-1095
   * SECURITY UPDATE: ld.so insecure handling of privileged programs'
     RPATHs with $ORIGIN
     - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
       RPATH and ORIGIN
     - CVE-2011-1658
   * SECURITY UPDATE: fnmatch integer overflow
     - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
       pattern in wide character representation
     - CVE-2011-1659
   * SECURITY UPDATE: signedness bug in memcpy_ssse3
     - debian/patches/any/glibc-CVE-2011-2702.patch: use unsigned
       comparison instructions
     - CVE-2011-2702
   * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
     - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
       many open fds is detected
     - CVE-2011-4609
   * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
     check bypass
     - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
       overflow
     - CVE-2012-0864
Files: 
 89d6a832b8abf37d904e1d93e4e6de74 2974 libs required glibc_2.7-10ubuntu8.1.dsc
 d6be54e49961e8a1bcc5e55f912f99e6 816976 libs required glibc_2.7-10ubuntu8.1.diff.gz
Original-Maintainer: GNU Libc Maintainers <debian-glibc at lists.debian.org>


More information about the Hardy-changes mailing list