UbuntuUpdates.org

Package "locales-all"

Name: locales-all

Description:

GNU C Library: Precompiled locale data
Latest version: 2.38-1ubuntu6.2
Release: mantic (23.10)
Level: security
Repository: universe
Head package: glibc
Homepage: https://www.gnu.org/software/libc/libc.html

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "locales-all"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "locales-all" in Mantic

Repository Area Version
base universe 2.38-1ubuntu6
updates universe 2.38-1ubuntu6.2

Changelog

Version: 2.38-1ubuntu6.2 2024-04-18 14:06:57 UTC

  glibc (2.38-1ubuntu6.2) mantic-security; urgency=medium

  * SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
    - debian/patches/CVE-2024-2961.patch: fix out-of-bound writes when
      writing escape sequence in iconvdata/Makefile,
      iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
    - CVE-2024-2961

 -- Marc Deslauriers <email address hidden> Tue, 16 Apr 2024 09:38:28 -0400
Source diff to previous version
CVE-2024-2961 The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting string

Version: 2.38-1ubuntu6.1 2024-02-01 13:08:38 UTC

  glibc (2.38-1ubuntu6.1) mantic-security; urgency=medium

  * SECURITY UPDATE: multiple syslog() security issues
    - debian/patches/CVE-2023-6246.patch: Fix heap buffer overflow in
      misc/Makefile, misc/syslog.c, misc/tst-syslog-long-progname.c.
    - debian/patches/CVE-2023-6779.patch: Fix heap buffer overflow in
      misc/syslog.c.
    - debian/patches/CVE-2023-6780.patch: Fix integer overflow in
      misc/syslog.c.
    - CVE-2023-6246
    - CVE-2023-6779
    - CVE-2023-6780

 -- Marc Deslauriers <email address hidden> Wed, 31 Jan 2024 08:04:28 -0500
CVE-2023-6246 A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog fun
CVE-2023-6779 An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and
CVE-2023-6780 An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. T


About   -   Send Feedback to @ubuntu_updates