Package "glibc-doc"
| Name: |
glibc-doc
|
Description: |
Embedded GNU C Library: Documentation
|
| Latest version: |
2.19-0ubuntu6.15 |
| Release: |
trusty (14.04) |
| Level: |
updates |
| Repository: |
main |
| Head package: |
eglibc |
| Homepage: |
http://www.eglibc.org |
Links
Download "glibc-doc"
Other versions of "glibc-doc" in Trusty
Changelog
|
eglibc (2.19-0ubuntu6.9) trusty-security; urgency=medium
* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
dependency from libm to libc (LP: #1585614)
- debian/patches/any/CVE-2014-9761-2.diff: keep exporting
__strto*_nan symbols added to libc.
-- Steve Beattie <email address hidden> Thu, 26 May 2016 01:04:18 -0700
|
| Source diff to previous version |
| 1585614 |
libc on 2016-05-25 causes Apache not to restart, libm.so.6: symbol __strtold_nan, version GLIBC_PRIVATE not defined in file libc.so.6 with link time |
| CVE-2014-9761 |
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of se |
|
|
eglibc (2.19-0ubuntu6.8) trusty-security; urgency=medium
* SECURITY UPDATE: buffer overflow in gethostbyname_r and related
functions
- debian/patches/any/CVE-2015-1781.diff: take alignment padding
into account when computing if buffer is too small.
- CVE-2015-1781
* SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice
- debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files
database during iteration.
- debian/patches/any/CVE-2014-8121-2.diff: Separate internal state
between getXXent and getXXbyYY NSS calls.
- CVE-2014-8121
* SECURITY UPDATE: glibc unbounded stack usage in NaN strtod
conversion
- debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing
of NaN payloads.
- debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions
handling of payload strings
- CVE-2014-9761
* SECURITY UPDATE: NSS files long line buffer overflow
- debian/patches/any/CVE-2015-5277.diff: Don't ignore too long
lines in nss_files
- CVE-2015-5277
* SECURITY UPDATE: out of range data to strftime() causes segfault
(denial of service)
- debian/patches/any/CVE-2015-8776.diff: add range checks to
strftime() processing
- CVE-2015-8776
* SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid
AT_SECURE programs (e.g. setuid), allowing disabling of pointer
mangling
- debian/patches/any/CVE-2015-8777.diff: Always enable pointer
guard
- CVE-2015-8777
* SECURITY UPDATE: integer overflow in hcreate and hcreate_r
- debian/patches/any/CVE-2015-8778.diff: check for large inputs
- CVE-2015-8778
* SECURITY UPDATE: unbounded stack allocation in catopen()
- debian/patches/any/CVE-2015-8779.diff: stop using unbounded
alloca()
- CVE-2015-8779
* SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r
- debian/patches/any/CVE-2016-3075.diff: do not make unneeded
memory copy on the stack.
- CVE-2016-3075
* SECURITY UPDATE: pt_chown privilege escalation
- debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel
about pty group and permission mode
- debian/sysdeps/linux.mk: don't build pt_chown
- debian/rules.d/debhelper.mk: only install pt_chown when built.
- CVE-2016-2856, CVE-2013-2207
* debian/debhelper.in/libc.postinst: add reboot notifications for
security updates (LP: #1546457)
* debian/patches/ubuntu/submitted-no-stack-backtrace.diff: update
patch to eliminate compiler warning.
-- Steve Beattie <email address hidden> Fri, 08 Apr 2016 23:26:02 -0700
|
| Source diff to previous version |
| 1546457 |
libc6 2.15-0ubuntu10.13 doesn't mark reboot-required |
| CVE-2015-1781 |
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-depen |
| CVE-2014-8121 |
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if |
| CVE-2014-9761 |
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of se |
| CVE-2015-5277 |
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow loc |
| CVE-2015-8776 |
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (applicat |
| CVE-2015-8777 |
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding prot |
| CVE-2015-8778 |
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application c |
| CVE-2015-8779 |
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause |
| CVE-2016-3075 |
Stack overflow in nss_dns_getnetbyname_r |
| CVE-2016-2856 |
pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie lacks a namespace check associated with file-descriptor passing, which allows lo |
| CVE-2013-2207 |
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the |
|
|
eglibc (2.19-0ubuntu6.7) trusty-security; urgency=medium
* SECURITY UPDATE: glibc getaddrinfo stack-based buffer overflow
- debian/patches/any/CVE-2015-7547-pre1.diff: fix memory leak in
resolv/nss_dns/dns-host.c.
- debian/patches/any/CVE-2015-7547-pre2.diff: fix memory leak in
include/resolv.h, resolv/gethnamaddr.c, resolv/nss_dns/dns-canon.c,
resolv/nss_dns/dns-host.c, resolv/nss_dns/dns-network.c,
resolv/res_query.c, resolv/res_send.c.
- debian/patches/any/CVE-2015-7547.diff: fix buffer handling in
resolv/nss_dns/dns-host.c, resolv/res_query.c, resolv/res_send.c.
- CVE-2015-7547
-- Marc Deslauriers <email address hidden> Tue, 16 Feb 2016 11:35:05 -0500
|
| Source diff to previous version |
|
|
|
eglibc (2.19-0ubuntu6.6) trusty-security; urgency=medium
* SECURITY UPDATE: getaddrinfo writes to random file descriptors under
high load
- debian/patches/any/cvs-resolv-reuse-fd.diff: reload file descriptor
after calling reopen in resolv/res_send.c.
- CVE-2013-7423
* SECURITY UPDATE: denial of service via endless loop in getaddr_r
- debian/patches/any/cvs-getnetbyname.diff: iterate over alias names in
resolv/nss_dns/dns-network.c.
- CVE-2014-9402
* SECURITY UPDATE: buffer overflow in wscanf
- debian/patches/any/cvs-wscanf.diff: calculate correct size in
stdio-common/vfscanf.c, added test to stdio-common/tst-sscanf.c.
- CVE-2015-1472
- CVE-2015-1473
-- Marc Deslauriers <email address hidden> Wed, 25 Feb 2015 09:04:10 -0500
|
| Source diff to previous version |
| CVE-2013-7423 |
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows re |
| CVE-2014-9402 |
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is |
| CVE-2015-1472 |
incorrect second argument to realloc leads to a buffer overflow |
| CVE-2015-1473 |
silly hairsplitting ID related to CVE-2015-1472 |
|
|
eglibc (2.19-0ubuntu6.5) trusty; urgency=medium
* patches/amd64/local-blacklist-on-TSX-Haswell.diff: new patch from
Henrique de Moraes Holschuh to disable TSX on processors which might get
it disabled through a microcode update. (LP: #1398975)
-- Chris J Arges <email address hidden> Thu, 04 Dec 2014 08:30:10 -0600
|
| 1398975 |
hardware-assisted lock elision hazardous on x86 |
|
About
-
Send Feedback to @ubuntu_updates
