[ubuntu/xenial-updates] glibc 2.23-0ubuntu11.3 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu May 13 19:58:56 UTC 2021
glibc (2.23-0ubuntu11.3) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via regular expression
- debian/patches/CVE-2009-5155.patch: diagnose invalid back-reference
in posix/regcomp.c, remove invalid test in posix/PCRE.tests.
- CVE-2009-5155
* SECURITY UPDATE: signed comparison vulnerability exists in ARM memcpy
- debian/patches/CVE-2020-6096-1.patch: fix multiarch memcpy for
negative length in sysdeps/arm/armv7/multiarch/memcpy_impl.S.
- debian/patches/CVE-2020-6096-2.patch: fix memcpy and memmove for
negative length in sysdeps/arm/memcpy.S, sysdeps/arm/memmove.S.
- CVE-2020-6096
Date: 2021-04-21 17:21:09.688651+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/glibc/2.23-0ubuntu11.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list