[ubuntu/lucid-updates] eglibc 2.11.1-0ubuntu7.13 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Oct 21 16:59:37 UTC 2013
eglibc (2.11.1-0ubuntu7.13) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
strcoll overflows
- debian/patches/any/CVE-2012-44xx.diff: fix overflows in
string/strcoll_l.c, add test to string/tst-strcoll-overflow.c,
string/Makefile.
- CVE-2012-4412
- CVE-2012-4424
* SECURITY UPDATE: denial of service in regular expression matcher
- debian/patches/any/CVE-2013-0242.diff: fix buffer overrun in
posix/regexec.c, add test to posix/bug-regex34.c, posix/Makefile.
- CVE-2013-0242
* SECURITY UPDATE: denial of service in getaddrinfo
- debian/patches/any/CVE-2013-1914.diff: fix overflow in
sysdeps/posix/getaddrinfo.c, add libc_hidden_proto for
__libc_alloca_cutoff in include/alloca.h, nptl/Versions,
nptl/alloca_cutoff.c.
- CVE-2013-1914
* SECURITY UPDATE: denial of service and possible code execution via
readdir_r
- debian/patches/any/CVE-2013-4237.diff: enforce NAME_MAX limit in
sysdeps/unix/readdir_r.c, add errcode to sysdeps/unix/dirstream.h,
sysdeps/unix/opendir.c, sysdeps/unix/rewinddir.c, remove
GETDENTS_64BIT_ALIGNED from
sysdeps/unix/sysv/linux/i386/readdir64_r.c,
sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c.
- CVE-2013-4237
* SECURITY UPDATE: denial of service and possible code execution via
overflows in memory allocator
- debian/patches/any/CVE-2013-4332.diff: check for overflows in
malloc/malloc.c.
- CVE-2013-4332
Date: 2013-10-02 01:07:13.499499+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/lucid/+source/eglibc/2.11.1-0ubuntu7.13
-------------- next part --------------
Sorry, changesfile not available.
More information about the Lucid-changes
mailing list