UbuntuUpdates.org

Package "eglibc"

Name: eglibc

Description:

This package is just an umbrella for a group of other packages; it has no description.
Description samples from packages in group:

  • Embedded GNU C Library: Name Service Cache Daemon

Latest version: 2.19-0ubuntu6.15
Release: trusty (14.04)
Level: updates
Repository: universe

Other versions of "eglibc" in Trusty

Repository  Area      Version
base        universe  2.19-0ubuntu6
base        main      2.19-0ubuntu6
security    main      2.19-0ubuntu6.15
security    universe  2.19-0ubuntu6.15
updates     main      2.19-0ubuntu6.15

Changelog

Version: 2.19-0ubuntu6.15 2019-04-03 14:06:30 UTC

  eglibc (2.19-0ubuntu6.15) trusty-security; urgency=medium

  * Fix NSS loading for static binaries (LP: #1821752)
    - debian/patches/any/local-static-dlopen-search-path.diff: fix static
      dlopen default library search path in elf/dl-support.c.

 -- Marc Deslauriers <email address hidden> Tue, 26 Mar 2019 09:53:00 -0400

1821752 libc6 version 2.19 breaks NSS loading for static binaries

Version: 2.19-0ubuntu6.14 2018-01-17 14:06:43 UTC

  eglibc (2.19-0ubuntu6.14) trusty-security; urgency=medium

  * SECURITY UPDATE: Memory leak in dynamic loader (ld.so)
    - debian/patches/any/cvs-compute-correct-array-size-in-_dl_init_paths.diff:
      Compute correct array size in _dl_init_paths
    - CVE-2017-1000408
  * SECURITY UPDATE: Buffer overflow in dynamic loader (ld.so)
    - debian/patches/any/cvs-count-components-of-expanded-path-in-_dl_init_paths.diff:
      Count components of the expanded path in _dl_init_path
    - CVE-2017-1000409
  * SECURITY UPDATE: One-byte overflow in glob
    - debian/patches/any/cvs-fix-one-byte-glob-overflow.diff: Fix one-byte
      overflow in glob
    - CVE-2017-15670
  * SECURITY UPDATE: Buffer overflow in glob
    - debian/patches/any/cvs-fix-glob-buffer-overflow.diff: Fix buffer overflow
      during GLOB_TILDE unescaping
    - CVE-2017-15804
  * SECURITY UPDATE: Local privilege escalation via mishandled RPATH / RUNPATH
    - debian/patches/any/cvs-elf-check-for-empty-tokens.diff: elf: Check for
      empty tokens before dynamic string token expansion
    - CVE-2017-16997
  * SECURITY UPDATE: Buffer underflow in realpath()
    - debian/patches/any/cvs-make-getcwd-fail-if-path-is-no-absolute.diff:
      Make getcwd(3) fail if it cannot obtain an absolute path
    - CVE-2018-1000001

 -- Chris Coulson <email address hidden> Mon, 15 Jan 2018 09:37:19 +0000

Version: 2.19-0ubuntu6.13 2017-06-19 19:06:46 UTC

  eglibc (2.19-0ubuntu6.13) trusty-security; urgency=medium

  * SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
    - debian/patches/any/CVE-2017-1000366.patch: Completely ignore
      LD_LIBRARY_PATH for AT_SECURE=1 programs
    - CVE-2017-1000366
  * SECURITY UPDATE: LD_PRELOAD stack corruption
    - debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
      Reject overly long names or names containing directories in
      LD_PRELOAD for AT_SECURE=1 programs.
  * debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
    additional consistency check for 1-byte overflows
  * debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
    LD_HWCAP_MASK for AT_SECURE=1 programs

 -- Steve Beattie <email address hidden> Fri, 16 Jun 2017 12:06:00 -0700

CVE-2017-1000 RESERVED

Version: 2.19-0ubuntu6.11 2017-03-22 01:07:05 UTC

  eglibc (2.19-0ubuntu6.11) trusty-security; urgency=medium

  * REGRESSION UPDATE: Previous update introduced ABI breakage in
    internal glibc query ABI
    - Back out patches/any/CVE-2015-5180-regression.diff
      (LP: #1674532)

 -- Steve Beattie <email address hidden> Tue, 21 Mar 2017 03:28:13 -0700

CVE-2015-5180 DNS resolver NULL pointer dereference with crafted record type

Version: 2.19-0ubuntu6.10 2017-03-21 03:06:53 UTC

  eglibc (2.19-0ubuntu6.10) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple overflows in strxfrm()
    - patches/any/CVE-2015-8982.diff: Fix memory handling in strxfrm_l
    - CVE-2015-8982
  * SECURITY UPDATE: _IO_wstr_overflow integer overflow
    - patches/any/CVE-2015-8983.diff: Add checks for integer overflow
    - CVE-2015-8983
  * SECURITY UPDATE: buffer overflow (read past end of buffer) in
    internal_fnmatch
    - patches/any/CVE-2015-8984.diff: Remove extra increment when
      skipping over collating symbol inside a bracket expression.
    - CVE-2015-8984
  * SECURITY UPDATE: DNS resolver NULL pointer dereference with
    crafted record type
    - patches/any/CVE-2015-5180.diff: Use out of band signaling for
      internal queries
    - CVE-2015-5180
  * SECURITY UPDATE: stack-based buffer overflow in the glob
    implementation
    - patches/any/CVE-2016-1234.diff: Simplify the interface for the
      GLOB_ALTDIRFUNC callback gl_readdir
    - CVE-2016-1234
  * SECURITY UPDATE: getaddrinfo: stack overflow in hostent conversion
    - patches/any/CVE-2016-3706.diff: Use a heap allocation instead
    - CVE-2016-3706
  * SECURITY UPDATE: stack exhaustion in clntudp_call
    - patches/any/CVE-2016-4429.diff: Use malloc/free for the error
      payload.
    - CVE-2016-4429
  * SECURITY UPDATE: ARM32 backtrace infinite loop (DoS)
    - patches/any/CVE-2016-6323.diff: mark __startcontext as
      .cantunwind
    - CVE-2016-6323
  * debian/testsuite-checking/expected-results-aarch64-linux-gnu-libc,
    debian/testsuite-checking/expected-results-arm-linux-gnueabihf-libc:
    Allow nptl/tst-signal6 to fail on ARM, ARM64

 -- Steve Beattie <email address hidden> Mon, 06 Mar 2017 16:49:25 -0800

CVE-2015-8982 Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial o
CVE-2015-8983 Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c ...
CVE-2015-8984 The fnmatch function in the GNU C Library (aka glibc or libc6) before ...
CVE-2015-5180 DNS resolver NULL pointer dereference with crafted record type
CVE-2016-1234 Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-depende
CVE-2016-3706 Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attack
CVE-2016-4429 Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to caus
CVE-2016-6323 The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI


