Package "libc-bin"
Links
Download "libc-bin"
Other versions of "libc-bin" in Xenial
Changelog
glibc (2.23-0ubuntu6) xenial-security; urgency=medium
* SECURITY UPDATE: DNS resolver NULL pointer dereference with
crafted record type
- patches/any/CVE-2015-5180.diff: use out of band signaling for
internal queries
- CVE-2015-5180
* Rebuild to get the following fixes into the xenial-security pocket:
- SECURITY UPDATE: stack-based buffer overflow in the glob
implementation
+ patches/git-updates.diff: Simplify the interface for the
GLOB_ALTDIRFUNC callback gl_readdir
+ CVE-2016-1234
- SECURITY UPDATE: getaddrinfo: stack overflow in hostent
conversion
+ patches/git-updates.diff: Use a heap allocation instead
+ CVE-2016-3706:
- SECURITY UPDATE: stack exhaustion in clntudp_call
+ patches/git-updates.diff: Use malloc/free for the error
payload.
+ CVE-2016-4429
- SECURITY UPDATE: memory exhaustion DoS in libresolv
+ patches/git-updates.diff: Simplify handling of nameserver
configuration in resolver
+ CVE-2016-5417
- SECURITY UPDATE: ARM32 backtrace infinite loop (DoS)
+ patches/git-updates.diff: mark __startcontext as .cantunwind
+ CVE-2016-6323
-- Steve Beattie <email address hidden> Mon, 06 Mar 2017 16:47:32 -0800
|
CVE-2015-5180 |
DNS resolver NULL pointer dereference with crafted record type |
CVE-2016-1234 |
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-depende |
CVE-2016-3706 |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attack |
CVE-2016-4429 |
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to caus |
CVE-2016-5417 |
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows |
CVE-2016-6323 |
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI |
|
About
-
Send Feedback to @ubuntu_updates