Package "libc6-prof"
Name: |
libc6-prof
|
Description: |
Embedded GNU C Library: Profiling Libraries
|
Latest version: |
2.15-0ubuntu10.23 |
Release: |
precise (12.04) |
Level: |
security |
Repository: |
main |
Head package: |
eglibc |
Homepage: |
http://www.eglibc.org |
Links
Download "libc6-prof"
Other versions of "libc6-prof" in Precise
Changelog
eglibc (2.15-0ubuntu10.23) precise-security; urgency=medium
* Removing locale/locales-all from debian/control since in Precise
it uses langpack-locales and no binary is created in eglibc for locales
-- <email address hidden> (Leonidas S. Barbosa) Thu, 05 Mar 2020 13:38:43 -0300
|
Source diff to previous version |
eglibc (2.15-0ubuntu10.18) precise-security; urgency=medium
* REGRESSION UPDATE: IPv6 addresses not being returned from a
dual-stack ipv4-ipv6 host query.
- Revert patches/any/CVE-2016-3706.diff (LP: #1674776)
-- Steve Beattie <email address hidden> Thu, 23 Mar 2017 11:38:25 -0700
|
Source diff to previous version |
1674776 |
getaddrinfo() dont work correct with ipv4+ipv6 addreses aftrer upgrade libc6 in Ubuntu Precise |
CVE-2016-3706 |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attack |
|
eglibc (2.15-0ubuntu10.17) precise-security; urgency=medium
* REGRESSION UPDATE: Previous update introduce ABI breakage in
internal glibc query ABI
- Back out patches/any/CVE-2015-5180-regression.diff
(LP: #1674532)
-- Steve Beattie <email address hidden> Tue, 21 Mar 2017 08:49:32 -0700
|
Source diff to previous version |
CVE-2015-5180 |
DNS resolver NULL pointer dereference with crafted record type |
|
eglibc (2.15-0ubuntu10.16) precise-security; urgency=medium
* SECURITY UPDATE: multiple overflows in strxfrm()
- patches/any/CVE-2015-8982.diff: Fix memory handling in strxfrm_l
- CVE-2015-8982
* SECURITY UPDATE: _IO_wstr_overflow integer overflow
- patches/any/CVE-2015-8983.diff: Add checks for integer overflow
- CVE-2015-8983
* SECURITY UPDATE: buffer overflow (read past end of buffer) in
internal_fnmatch
- patches/any/CVE-2015-8984.diff: Remove extra increment when
skipping over collating symbol inside a bracket expression.
- CVE-2015-8984
* SECURITY UPDATE: DNS resolver NULL pointer dereference with
crafted record type
- patches/any/CVE-2015-5180.diff: Use out of band signaling for
internal queries
- CVE-2015-5180
* SECURITY UPDATE: stack-based buffer overflow in the glob
implementation
- patches/any/CVE-2016-1234.diff: Simplify the interface for the
GLOB_ALTDIRFUNC callback gl_readdir
- CVE-2016-1234
* SECURITY UPDATE: getaddrinfo: stack overflow in hostent conversion
- patches/any/CVE-2016-3706.diff: Use a heap allocation instead
- CVE-2016-3706:
* SECURITY UPDATE: stack exhaustion in clntudp_call
- patches/any/CVE-2016-4429.diff: Use malloc/free for the error
payload.
- CVE-2016-4429
* SECURITY UPDATE: ARM32 backtrace infinite loop (DoS)
- patches/any/CVE-2016-6323.diff: mark __startcontext as
.cantunwind
- CVE-2016-6323
-- Steve Beattie <email address hidden> Mon, 06 Mar 2017 09:37:30 -0800
|
Source diff to previous version |
CVE-2015-8982 |
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial o |
CVE-2015-8983 |
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c ... |
CVE-2015-8984 |
The fnmatch function in the GNU C Library (aka glibc or libc6) before ... |
CVE-2015-5180 |
DNS resolver NULL pointer dereference with crafted record type |
CVE-2016-1234 |
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-depende |
CVE-2016-3706 |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attack |
CVE-2016-4429 |
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to caus |
CVE-2016-6323 |
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI |
|
eglibc (2.15-0ubuntu10.15) precise-security; urgency=medium
* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
dependency from libm to libc (LP: #1585614)
- debian/patches/any/CVE-2014-9761-2.diff: keep exporting
__strto*_nan symbols added to libc.
-- Steve Beattie <email address hidden> Thu, 26 May 2016 00:08:17 -0700
|
1585614 |
libc on 2016-05-25 causes Apache not to restart, libm.so.6: symbol __strtold_nan, version GLIBC_PRIVATE not defined in file libc.so.6 with link time |
CVE-2014-9761 |
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of se |
|
About
-
Send Feedback to @ubuntu_updates