UbuntuUpdates.org

Package "glibc"

Name: glibc

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • GNU C Library: Documentation
  • GNU C Library: Binaries
  • GNU C Library: Development binaries
  • GNU C Library: Development tools
Latest version: 2.38-1ubuntu6.2
Release: mantic (23.10)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "glibc" in Mantic

Repository Area Version
base main 2.38-1ubuntu6
base universe 2.38-1ubuntu6
security main 2.38-1ubuntu6.2
security universe 2.38-1ubuntu6.2
updates universe 2.38-1ubuntu6.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.38-1ubuntu6.2 2024-04-18 15:07:29 UTC

  glibc (2.38-1ubuntu6.2) mantic-security; urgency=medium

  * SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
    - debian/patches/CVE-2024-2961.patch: fix out-of-bound writes when
      writing escape sequence in iconvdata/Makefile,
      iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
    - CVE-2024-2961

 -- Marc Deslauriers <email address hidden> Tue, 16 Apr 2024 09:38:28 -0400
Source diff to previous version
CVE-2024-2961 The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting string

Version: 2.38-1ubuntu6.1 2024-02-01 15:08:45 UTC

  glibc (2.38-1ubuntu6.1) mantic-security; urgency=medium

  * SECURITY UPDATE: multiple syslog() security issues
    - debian/patches/CVE-2023-6246.patch: Fix heap buffer overflow in
      misc/Makefile, misc/syslog.c, misc/tst-syslog-long-progname.c.
    - debian/patches/CVE-2023-6779.patch: Fix heap buffer overflow in
      misc/syslog.c.
    - debian/patches/CVE-2023-6780.patch: Fix integer overflow in
      misc/syslog.c.
    - CVE-2023-6246
    - CVE-2023-6779
    - CVE-2023-6780

 -- Marc Deslauriers <email address hidden> Wed, 31 Jan 2024 08:04:28 -0500
CVE-2023-6246 A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog fun
CVE-2023-6779 An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and
CVE-2023-6780 An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. T


About   -   Send Feedback to @ubuntu_updates