[ubuntu/natty-security] eglibc_2.13-0ubuntu13.1_powerpc_translations.tar.gz, eglibc, eglibc_2.13-0ubuntu13.1_armel_translations.tar.gz, eglibc_2.13-0ubuntu13.1_i386_translations.tar.gz, eglibc_2.13-0ubuntu13.1_amd64_translations.tar.gz 2.13-0ubuntu13.1 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Fri Mar 9 03:34:31 UTC 2012
eglibc (2.13-0ubuntu13.1) natty-security; urgency=low
* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
- debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
TZ file header
- CVE-2009-5029
* SECURITY UPDATE: /etc/mtab corruption denial of service
- debian/patches/any/glibc-CVE-2011-1089.patch: Report write
error in addmnt even for cached streams
- CVE-2011-1089
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
RPATHs with $ORIGIN
- debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
RPATH and ORIGIN
- CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
- debian/patches/any/glibc-CVE-2011-1659.patch: check size of
pattern in wide character representation
- CVE-2011-1659
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
- debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
many open fds is detected
- CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
check bypass
- debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
overflow
- CVE-2012-0864
Date: Mon, 05 Mar 2012 17:14:28 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/eglibc/2.13-0ubuntu13.1
-------------- next part --------------
Format: 1.8
Date: Mon, 05 Mar 2012 17:14:28 -0800
Source: eglibc
Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-sparcv9v libc6-sparcv9v2 libc6-sparc64b libc6-sparc64v libc6-sparc64v2 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb
Architecture: source
Version: 2.13-0ubuntu13.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description:
eglibc-source - Embedded GNU C Library: sources
glibc-doc - Embedded GNU C Library: Documentation
libc-bin - Embedded GNU C Library: Binaries
libc-dev-bin - Embedded GNU C Library: Development binaries
libc0.1 - Embedded GNU C Library: Shared libraries
libc0.1-dbg - Embedded GNU C Library: detached debugging symbols
libc0.1-dev - Embedded GNU C Library: Development Libraries and Header Files
libc0.1-dev-i386 - Embedded GNU C Library: 32bit development libraries for AMD64
libc0.1-i386 - Embedded GNU C Library: 32bit shared libraries for AMD64
libc0.1-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
libc0.1-pic - Embedded GNU C Library: PIC archive library
libc0.1-prof - Embedded GNU C Library: Profiling Libraries
libc0.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
libc0.3 - Embedded GNU C Library: Shared libraries
libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
libc0.3-dev - Embedded GNU C Library: Development Libraries and Header Files
libc0.3-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
libc0.3-pic - Embedded GNU C Library: PIC archive library
libc0.3-prof - Embedded GNU C Library: Profiling Libraries
libc0.3-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
libc0.3-xen - Embedded GNU C Library: Shared libraries [Xen version]
libc6 - Embedded GNU C Library: Shared libraries
libc6-amd64 - Embedded GNU C Library: 64bit Shared libraries for AMD64
libc6-dbg - Embedded GNU C Library: detached debugging symbols
libc6-dev - Embedded GNU C Library: Development Libraries and Header Files
libc6-dev-amd64 - Embedded GNU C Library: 64bit Development Libraries for AMD64
libc6-dev-i386 - Embedded GNU C Library: 32-bit development libraries for AMD64
libc6-dev-mips64 - Embedded GNU C Library: 64bit Development Libraries for MIPS64
libc6-dev-mipsn32 - Embedded GNU C Library: n32 Development Libraries for MIPS64
libc6-dev-powerpc - Embedded GNU C Library: 32bit powerpc development libraries for p
libc6-dev-ppc64 - Embedded GNU C Library: 64bit Development Libraries for PowerPC64
libc6-dev-s390x - Embedded GNU C Library: 64bit Development Libraries for IBM zSeri
libc6-dev-sparc64 - Embedded GNU C Library: 64bit Development Libraries for UltraSPAR
libc6-i386 - Embedded GNU C Library: 32-bit shared libraries for AMD64
libc6-mips64 - Embedded GNU C Library: 64bit Shared libraries for MIPS64
libc6-mipsn32 - Embedded GNU C Library: n32 Shared libraries for MIPS64
libc6-pic - Embedded GNU C Library: PIC archive library
libc6-powerpc - Embedded GNU C Library: 32bit powerpc shared libraries for ppc64
libc6-ppc64 - Embedded GNU C Library: 64bit Shared libraries for PowerPC64
libc6-prof - Embedded GNU C Library: Profiling Libraries
libc6-s390x - Embedded GNU C Library: 64bit Shared libraries for IBM zSeries
libc6-sparc64 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC
libc6-sparc64b - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC [v9
libc6-sparc64v - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC [v9
libc6-sparc64v2 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC [v9
libc6-sparcv9v - Embedded GNU C Library: Shared libraries [v9v optimized]
libc6-sparcv9v2 - Embedded GNU C Library: Shared libraries [v9v2 optimized]
libc6-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
libc6-xen - Embedded GNU C Library: Shared libraries [Xen version]
libc6.1 - Embedded GNU C Library: Shared libraries
libc6.1-alphaev67 - Embedded GNU C Library: Shared libraries (EV67 optimized)
libc6.1-dbg - Embedded GNU C Library: detached debugging symbols
libc6.1-dev - Embedded GNU C Library: Development Libraries and Header Files
libc6.1-pic - Embedded GNU C Library: PIC archive library
libc6.1-prof - Embedded GNU C Library: Profiling Libraries
libc6.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
libnss-dns-udeb - Embedded GNU C Library: NSS helper for DNS - udeb (udeb)
libnss-files-udeb - Embedded GNU C Library: NSS helper for files - udeb (udeb)
locales - Embedded GNU C Library: National Language (locale) data [support]
locales-all - Embedded GNU C Library: Precompiled locale data
multiarch-support - Transitional package to ensure multiarch compatibility
nscd - Embedded GNU C Library: Name Service Cache Daemon
Launchpad-Bugs-Fixed: 901716 906961
Changes:
eglibc (2.13-0ubuntu13.1) natty-security; urgency=low
.
* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
- debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
TZ file header
- CVE-2009-5029
* SECURITY UPDATE: /etc/mtab corruption denial of service
- debian/patches/any/glibc-CVE-2011-1089.patch: Report write
error in addmnt even for cached streams
- CVE-2011-1089
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
RPATHs with $ORIGIN
- debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
RPATH and ORIGIN
- CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
- debian/patches/any/glibc-CVE-2011-1659.patch: check size of
pattern in wide character representation
- CVE-2011-1659
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
- debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
many open fds is detected
- CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
check bypass
- debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
overflow
- CVE-2012-0864
Checksums-Sha1:
e8c4b18a6a1cff0e55f80f48bbc9aa575dcb0b84 3589 eglibc_2.13-0ubuntu13.1.dsc
c163b3e7b4efb0f7d5f86b12e6a27e878e2e3d64 904268 eglibc_2.13-0ubuntu13.1.diff.gz
Checksums-Sha256:
4450a2bf9409b8541451d842aa468059533f282f407f08945410dcb36fa876df 3589 eglibc_2.13-0ubuntu13.1.dsc
80b3b1b6af1b36e8dd733a7b97599f31bef2599f814f000483156c26e5852a0c 904268 eglibc_2.13-0ubuntu13.1.diff.gz
Files:
b8855e9264c70679fffb3b2f7f06d564 3589 libs required eglibc_2.13-0ubuntu13.1.dsc
8922ec4d359247a9118d29b8f5c545ba 904268 libs required eglibc_2.13-0ubuntu13.1.diff.gz
Original-Maintainer: GNU Libc Maintainers <debian-glibc at lists.debian.org>
More information about the Natty-changes
mailing list