[ubuntu/yakkety-updates] glibc 2.24-3ubuntu2.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Jun 19 16:58:53 UTC 2017
glibc (2.24-3ubuntu2.2) yakkety-security; urgency=medium
* SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
- debian/patches/any/CVE-2017-1000366.patch: Completely ignore
LD_LIBRARY_PATH for AT_SECURE=1 programs
- CVE-2017-1000366
* SECURITY UPDATE: LD_PRELOAD stack corruption
- debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
Reject overly long names or names containing directories in
LD_PRELOAD for AT_SECURE=1 programs.
- debian/patches/any/cve-i686-Add-missing-IS_IN-libc-guards.patch:
prerequisite patch
* debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
additional consistency check for 1-byte overflows
* debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
LD_HWCAP_MASK for AT_SECURE=1 programs
Date: 2017-06-16 19:20:15.874982+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/glibc/2.24-3ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Yakkety-changes
mailing list