Package "glibc-source"
Links
Download "glibc-source"
Other versions of "glibc-source" in Xenial
Changelog
glibc (2.23-0ubuntu11.3) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via regular expression
- debian/patches/CVE-2009-5155.patch: diagnose invalid back-reference
in posix/regcomp.c, remove invalid test in posix/PCRE.tests.
- CVE-2009-5155
* SECURITY UPDATE: signed comparison vulnerability exists in ARM memcpy
- debian/patches/CVE-2020-6096-1.patch: fix multiarch memcpy for
negative length in sysdeps/arm/armv7/multiarch/memcpy_impl.S.
- debian/patches/CVE-2020-6096-2.patch: fix memcpy and memmove for
negative length in sysdeps/arm/memcpy.S, sysdeps/arm/memmove.S.
- CVE-2020-6096
-- Marc Deslauriers <email address hidden> Tue, 20 Apr 2021 14:52:26 -0400
|
Source diff to previous version |
CVE-2009-5155 |
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a den |
CVE-2020-6096 |
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets |
|
glibc (2.23-0ubuntu11.2) xenial-security; urgency=medium
* SECURITY UPDATE: Use-after-free in clntudp_call
- debian/patches/CVE-2017-12133.patch: avoid use-after-free read access
in sunrpc/Makefile, sunrpc/clnt_udp.c, sunrpc/tst-udp-error.c.
- CVE-2017-12133
* SECURITY UPDATE: overlap in SSE2-optimized memmove implementation
- debian/patches/CVE-2017-18269.patch: fixed branch conditions in
string/test-memmove.c,
sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S.
- CVE-2017-18269
* SECURITY UPDATE: integer overflow in posix_memalign
- debian/patches/CVE-2018-6485.patch: fix integer overflows in internal
memalign and malloc in malloc/Makefile, malloc/malloc.c,
malloc/tst-malloc-too-large.c.
- CVE-2018-6485
* SECURITY UPDATE: integer overflow in realpath
- debian/patches/any/CVE-2018-11236.patch: fix path length overflow in
realpath in stdlib/Makefile, stdlib/canonicalize.c,
stdlib/test-bz22786.c.
- CVE-2018-11236
* SECURITY UPDATE: buffer overflow in __mempcpy_avx512_no_vzeroupper
- debian/patches/any/CVE-2018-11237.patch: don't write beyond
destination in string/test-mempcpy.c,
sysdeps/x86_64/multiarch/memcpy-avx512-no-vzeroupper.S.
- CVE-2018-11237
* SECURITY UPDATE: heap over-read via regular-expression match
- debian/patches/any/CVE-2019-9169.patch: fix read overrun in
posix/regexec.c.
- CVE-2019-9169
* SECURITY UPDATE: ASLR bypass
- debian/patches/any/CVE-2019-19126.patch: check __libc_enable_secure
before honoring LD_PREFER_MAP_32BIT_EXEC in
sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h.
- CVE-2019-19126
* SECURITY UPDATE: out-of-bounds write on PowerPC
- debian/patches/any/CVE-2020-1751.patch: fix array overflow in
backtrace on PowerPC in debug/tst-backtrace5.c,
sysdeps/powerpc/powerpc32/backtrace.c,
sysdeps/powerpc/powerpc64/backtrace.c.
- CVE-2020-1751
* SECURITY UPDATE: use-after-free via tilde expansion
- debian/patches/any/CVE-2020-1752.patch: fix use-after-free in glob
when expanding ~user in posix/glob.c.
- CVE-2020-1752
* SECURITY UPDATE: stack overflow via 80-bit long double function
- debian/patches/any/CVE-2020-10029.patch: avoid ldbl-96 stack
corruption from range reduction of pseudo-zero in
sysdeps/ieee754/ldbl-96/e_rem_pio2l.c,
- CVE-2020-10029
-- Marc Deslauriers <email address hidden> Thu, 04 Jun 2020 13:56:35 -0400
|
Source diff to previous version |
CVE-2017-12133 |
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote at |
CVE-2017-18269 |
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2. |
CVE-2018-6485 |
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier coul |
CVE-2018-11236 |
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath functi |
CVE-2018-11237 |
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the targ |
CVE-2019-9169 |
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case- |
CVE-2019-19126 |
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during progra |
CVE-2020-1751 |
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function |
CVE-2020-1752 |
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths co |
CVE-2020-10029 |
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double func |
|
glibc (2.23-0ubuntu10) xenial-security; urgency=medium
* SECURITY UPDATE: Memory leak in dynamic loader (ld.so)
- debian/patches/any/cvs-compute-correct-array-size-in-_dl_init_paths.diff:
Compute correct array size in _dl_init_paths
- CVE-2017-1000408
* SECURITY UPDATE: Buffer overflow in dynamic loader (ld.so)
- debian/patches/any/cvs-count-components-of-expanded-path-in-_dl_init_paths.diff:
Count components of the expanded path in _dl_init_path
- CVE-2017-1000409
* SECURITY UPDATE: One-byte overflow in glob
- debian/patches/any/cvs-fix-one-byte-glob-overflow.diff: Fix one-byte
overflow in glob
- CVE-2017-15670
* SECURITY UPDATE: Buffer overflow in glob
- debian/patches/any/cvs-fix-glob-buffer-overflow.diff: Fix buffer overflow
during GLOB_TILDE unescaping
- CVE-2017-15804
* SECURITY UPDATE: Local privilege escalation via mishandled RPATH / RUNPATH
- debian/patches/any/cvs-elf-check-for-empty-tokens.diff: elf: Check for
empty tokens before dynamic string token expansion
- CVE-2017-16997
* SECURITY UPDATE: Buffer underflow in realpath()
- debian/patches/any/cvs-make-getcwd-fail-if-path-is-no-absolute.diff:
Make getcwd(3) fail if it cannot obtain an absolute path
- CVE-2018-1000001
-- Chris Coulson <email address hidden> Sun, 14 Jan 2018 20:06:26 +0000
|
Source diff to previous version |
glibc (2.23-0ubuntu9) xenial-security; urgency=medium
* SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
- debian/patches/any/CVE-2017-1000366.patch: Completely ignore
LD_LIBRARY_PATH for AT_SECURE=1 programs
- CVE-2017-1000366
* SECURITY UPDATE: LD_PRELOAD stack corruption
- debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
Reject overly long names or names containing directories in
LD_PRELOAD for AT_SECURE=1 programs.
* debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
additional consistency check for 1-byte overflows
* debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
LD_HWCAP_MASK for AT_SECURE=1 programs
-- Steve Beattie <email address hidden> Fri, 16 Jun 2017 12:04:15 -0700
|
Source diff to previous version |
|
glibc (2.23-0ubuntu7) xenial-security; urgency=medium
* REGRESSION UPDATE: Previous update introduced ABI breakage in
internal glibc query ABI
- Revert patches/any/CVE-2015-5180-regression.diff
(LP: #1674532)
-- Steve Beattie <email address hidden> Tue, 21 Mar 2017 08:54:23 -0700
|
CVE-2015-5180 |
DNS resolver NULL pointer dereference with crafted record type |
|
About
-
Send Feedback to @ubuntu_updates