[ubuntu/zesty-proposed] libgc 1:7.4.2-8ubuntu1 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Thu Mar 9 19:48:19 UTC 2017
libgc (1:7.4.2-8ubuntu1) zesty; urgency=medium
* SECURITY UPDATE: multiple integer overflows leading to pointers to
memory zones smaller than requested size.
- d/p/CVE-2016-9427-1.patch: Fix calloc_explicitly_typed in case
of lb*n overflow.
- d/p/CVE-2016-9427-2.patch: Fix malloc routines to prevent size
value wrap-around of lb*n overflow.
- d/p/CVE-2016-9427-3.patch: Fix GC_collect_or_expand to prevent
allocation size value wrap-around
- d/p/CVE-2016-9427-test.patch: add test cases
- CVE-2016-9427
* d/p/workaround-gcc-6-gnu++14.patch: Work around libgc test failure
due to --std=gnu++14 (https://github.com/ivmai/bdwgc/issues/87)
Date: Mon, 13 Feb 2017 11:50:02 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libgc/1:7.4.2-8ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 13 Feb 2017 11:50:02 -0800
Source: libgc
Binary: libgc1c2 libgc-dev
Architecture: source
Version: 1:7.4.2-8ubuntu1
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description:
libgc-dev - conservative garbage collector for C (development)
libgc1c2 - conservative garbage collector for C and C++
Changes:
libgc (1:7.4.2-8ubuntu1) zesty; urgency=medium
.
* SECURITY UPDATE: multiple integer overflows leading to pointers to
memory zones smaller than requested size.
- d/p/CVE-2016-9427-1.patch: Fix calloc_explicitly_typed in case
of lb*n overflow.
- d/p/CVE-2016-9427-2.patch: Fix malloc routines to prevent size
value wrap-around of lb*n overflow.
- d/p/CVE-2016-9427-3.patch: Fix GC_collect_or_expand to prevent
allocation size value wrap-around
- d/p/CVE-2016-9427-test.patch: add test cases
- CVE-2016-9427
* d/p/workaround-gcc-6-gnu++14.patch: Work around libgc test failure
due to --std=gnu++14 (https://github.com/ivmai/bdwgc/issues/87)
Checksums-Sha1:
dd88509a32c1f4a32d14066cf91349697a3c7d4b 2093 libgc_7.4.2-8ubuntu1.dsc
f9697d9ba7cb1e88bd0a57caa6c10e53e7ebfabd 24512 libgc_7.4.2-8ubuntu1.debian.tar.xz
Checksums-Sha256:
63d27fd8e86b3939c45d66f33a70ea4bf4c6ed1473bbf6a24892470ef96712f2 2093 libgc_7.4.2-8ubuntu1.dsc
d0b576091667b222c9b5744953ed78dd181a74fce80111d0531c88db04d91c27 24512 libgc_7.4.2-8ubuntu1.debian.tar.xz
Files:
21cdeb887a110810437007b240c62b1c 2093 libs standard libgc_7.4.2-8ubuntu1.dsc
642e2116d233f514bfc0130fdc5f77af 24512 libs standard libgc_7.4.2-8ubuntu1.debian.tar.xz
Original-Maintainer: Christoph Egger <christoph at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJYwbFUAAoJEGVp2FWnRL6TDx0QAKoSt8AjBxxkzSimXmmuZMND
e0m7ekf/R3lDxDXXhWlXNMDoHXhWc9cFUj4Du56W77EChjbwRoNKQS8AUQlV7uQ7
M3h84RcFjSSk+ioNy1J21JH5nKbOKUj9Z1XZsglFUOg6POHCNQ1HRiAqYNC8DFlk
If6BwoY9C3fXe0nd9fbkNNxhHTGlRj7uQH84xAlbH4Ww55zWPEg9PoLlUDWwSpFU
paUGvEqTeOJYT1NlY+n0cDTxOCYxjE4A8bnpzaV9wOq4wAGlvJ2NFiPk53xapgQ4
CtwICJN0SCXxhMRe13Mt6NgunzEnpekNRG8ZKxGMwLM40fev7MdckqWHtWIAJGCA
pgr54zjiW7Iqyq1c8s801isRyUCnn3+oL3Tpbnj6rO0/nJYHPQqsZ5ernHv4PGPG
DgaSHPBZKxkuIkKtPxru3NbhpQQgcIDbj3w7IbnmkVGYJJoSIaYjGsPMvoQUaBbT
nHtR/I7uNjd4c3wup6uI8rYawSU6wfBTwgKO66CThtPFQm+QwUkxqWceafqC5d/q
Ly2q2sAciB7tdQO+M4amt2MMUGVyiqmONt3zvT8snWdfOW4JA8WXF9DyfQuJKRfO
72aIwfF4pt+210l5NbQ/E9yYNoNLzniICwl/YH4dKksBNA/eU8TwfsMEOw/dcnL8
Aynphp13JWDKb/w+qHZO
=deFy
-----END PGP SIGNATURE-----
More information about the Zesty-changes
mailing list