Package "glibc"
Name: |
glibc
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- GNU C Library: Documentation
- GNU C Library: Binaries
- GNU C Library: Development binaries
- GNU C Library: Development tools
|
Latest version: |
2.38-1ubuntu6.3 |
Release: |
mantic (23.10) |
Level: |
security |
Repository: |
main |
Links
Other versions of "glibc" in Mantic
Packages in group
Deleted packages are displayed in grey.
Changelog
glibc (2.38-1ubuntu6.3) mantic-security; urgency=medium
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-
based buffer overflow in netgroup cache.
- CVE-2024-33599
* SECURITY UPDATE: Null pointer
- debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid
null pointer crashes after notfound response.
- debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do
not send missing not-found response in addgetnetgrentX.
- CVE-2024-33600
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-
2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.
- CVE-2024-33601
- CVE-2024-33602
-- Paulo Flabiano Smorigo <email address hidden> Tue, 30 Apr 2024 15:11:13 -0300
|
Source diff to previous version |
CVE-2024-33599 |
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then |
CVE-2024-33600 |
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the |
CVE-2024-33601 |
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xreallo |
CVE-2024-33602 |
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the N |
|
glibc (2.38-1ubuntu6.2) mantic-security; urgency=medium
* SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
- debian/patches/CVE-2024-2961.patch: fix out-of-bound writes when
writing escape sequence in iconvdata/Makefile,
iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
- CVE-2024-2961
-- Marc Deslauriers <email address hidden> Tue, 16 Apr 2024 09:38:28 -0400
|
Source diff to previous version |
CVE-2024-2961 |
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting string |
|
glibc (2.38-1ubuntu6.1) mantic-security; urgency=medium
* SECURITY UPDATE: multiple syslog() security issues
- debian/patches/CVE-2023-6246.patch: Fix heap buffer overflow in
misc/Makefile, misc/syslog.c, misc/tst-syslog-long-progname.c.
- debian/patches/CVE-2023-6779.patch: Fix heap buffer overflow in
misc/syslog.c.
- debian/patches/CVE-2023-6780.patch: Fix integer overflow in
misc/syslog.c.
- CVE-2023-6246
- CVE-2023-6779
- CVE-2023-6780
-- Marc Deslauriers <email address hidden> Wed, 31 Jan 2024 08:04:28 -0500
|
CVE-2023-6246 |
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog fun |
CVE-2023-6779 |
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and |
CVE-2023-6780 |
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. T |
|
About
-
Send Feedback to @ubuntu_updates