UbuntuUpdates.org

Package "glibc"

Name: glibc

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • GNU C Library: sources
  • GNU C Library: PIC archive library
  • GNU C Library: Precompiled locale data
  • GNU C Library: Name Service Cache Daemon

Latest version: 2.23-0ubuntu11.2
Release: xenial (16.04)
Level: security
Repository: universe

Links



Other versions of "glibc" in Xenial

Repository Area Version
base main 2.23-0ubuntu3
base universe 2.23-0ubuntu3
security main 2.23-0ubuntu11.2
updates universe 2.23-0ubuntu11.2
updates main 2.23-0ubuntu11.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.23-0ubuntu11.2 2020-07-06 20:06:24 UTC

  glibc (2.23-0ubuntu11.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Use-after-free in clntudp_call
    - debian/patches/CVE-2017-12133.patch: avoid use-after-free read access
      in sunrpc/Makefile, sunrpc/clnt_udp.c, sunrpc/tst-udp-error.c.
    - CVE-2017-12133
  * SECURITY UPDATE: overlap in SSE2-optimized memmove implementation
    - debian/patches/CVE-2017-18269.patch: fixed branch conditions in
      string/test-memmove.c,
      sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S.
    - CVE-2017-18269
  * SECURITY UPDATE: integer overflow in posix_memalign
    - debian/patches/CVE-2018-6485.patch: fix integer overflows in internal
      memalign and malloc in malloc/Makefile, malloc/malloc.c,
      malloc/tst-malloc-too-large.c.
    - CVE-2018-6485
  * SECURITY UPDATE: integer overflow in realpath
    - debian/patches/any/CVE-2018-11236.patch: fix path length overflow in
      realpath in stdlib/Makefile, stdlib/canonicalize.c,
      stdlib/test-bz22786.c.
    - CVE-2018-11236
  * SECURITY UPDATE: buffer overflow in __mempcpy_avx512_no_vzeroupper
    - debian/patches/any/CVE-2018-11237.patch: don't write beyond
      destination in string/test-mempcpy.c,
      sysdeps/x86_64/multiarch/memcpy-avx512-no-vzeroupper.S.
    - CVE-2018-11237
  * SECURITY UPDATE: heap over-read via regular-expression match
    - debian/patches/any/CVE-2019-9169.patch: fix read overrun in
      posix/regexec.c.
    - CVE-2019-9169
  * SECURITY UPDATE: ASLR bypass
    - debian/patches/any/CVE-2019-19126.patch: check __libc_enable_secure
      before honoring LD_PREFER_MAP_32BIT_EXEC in
      sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h.
    - CVE-2019-19126
  * SECURITY UPDATE: out-of-bounds write on PowerPC
    - debian/patches/any/CVE-2020-1751.patch: fix array overflow in
      backtrace on PowerPC in debug/tst-backtrace5.c,
      sysdeps/powerpc/powerpc32/backtrace.c,
      sysdeps/powerpc/powerpc64/backtrace.c.
    - CVE-2020-1751
  * SECURITY UPDATE: use-after-free via tilde expansion
    - debian/patches/any/CVE-2020-1752.patch: fix use-after-free in glob
      when expanding ~user in posix/glob.c.
    - CVE-2020-1752
  * SECURITY UPDATE: stack overflow via 80-bit long double function
    - debian/patches/any/CVE-2020-10029.patch: avoid ldbl-96 stack
      corruption from range reduction of pseudo-zero in
      sysdeps/ieee754/ldbl-96/e_rem_pio2l.c,
    - CVE-2020-10029

 -- Marc Deslauriers <email address hidden> Thu, 04 Jun 2020 13:56:35 -0400

Source diff to previous version
CVE-2017-12133 Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote at
CVE-2017-18269 An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.
CVE-2018-6485 An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier coul
CVE-2018-11236 stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath functi
CVE-2018-11237 An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the targ
CVE-2019-9169 In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-
CVE-2019-19126 On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during progra
CVE-2020-1751 An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function
CVE-2020-1752 A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths co
CVE-2020-10029 The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double func

Version: 2.23-0ubuntu10 2018-01-17 12:06:42 UTC

  glibc (2.23-0ubuntu10) xenial-security; urgency=medium

  * SECURITY UPDATE: Memory leak in dynamic loader (ld.so)
    - debian/patches/any/cvs-compute-correct-array-size-in-_dl_init_paths.diff:
      Compute correct array size in _dl_init_paths
    - CVE-2017-1000408
  * SECURITY UPDATE: Buffer overflow in dynamic loader (ld.so)
    - debian/patches/any/cvs-count-components-of-expanded-path-in-_dl_init_paths.diff:
      Count components of the expanded path in _dl_init_path
    - CVE-2017-1000409
  * SECURITY UPDATE: One-byte overflow in glob
    - debian/patches/any/cvs-fix-one-byte-glob-overflow.diff: Fix one-byte
      overflow in glob
    - CVE-2017-15670
  * SECURITY UPDATE: Buffer overflow in glob
    - debian/patches/any/cvs-fix-glob-buffer-overflow.diff: Fix buffer overflow
      during GLOB_TILDE unescaping
    - CVE-2017-15804
  * SECURITY UPDATE: Local privilege escalation via mishandled RPATH / RUNPATH
    - debian/patches/any/cvs-elf-check-for-empty-tokens.diff: elf: Check for
      empty tokens before dynamic string token expansion
    - CVE-2017-16997
  * SECURITY UPDATE: Buffer underflow in realpath()
    - debian/patches/any/cvs-make-getcwd-fail-if-path-is-no-absolute.diff:
      Make getcwd(3) fail if it cannot obtain an absolute path
    - CVE-2018-1000001

 -- Chris Coulson <email address hidden> Sun, 14 Jan 2018 20:06:26 +0000

Source diff to previous version

Version: 2.23-0ubuntu9 2017-06-19 17:06:26 UTC

  glibc (2.23-0ubuntu9) xenial-security; urgency=medium

  * SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
    - debian/patches/any/CVE-2017-1000366.patch: Completely ignore
      LD_LIBRARY_PATH for AT_SECURE=1 programs
    - CVE-2017-1000366
  * SECURITY UPDATE: LD_PRELOAD stack corruption
    - debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
      Reject overly long names or names containing directories in
      LD_PRELOAD for AT_SECURE=1 programs.
  * debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
    additional consistency check for 1-byte overflows
  * debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
    LD_HWCAP_MASK for AT_SECURE=1 programs

 -- Steve Beattie <email address hidden> Fri, 16 Jun 2017 12:04:15 -0700

Source diff to previous version
CVE-2017-1000 RESERVED

Version: 2.23-0ubuntu7 2017-03-22 00:06:56 UTC

  glibc (2.23-0ubuntu7) xenial-security; urgency=medium

  * REGRESSION UPDATE: Previous update introduced ABI breakage in
    internal glibc query ABI
    - Revert patches/any/CVE-2015-5180-regression.diff
      (LP: #1674532)

 -- Steve Beattie <email address hidden> Tue, 21 Mar 2017 08:54:23 -0700

Source diff to previous version
CVE-2015-5180 DNS resolver NULL pointer dereference with crafted record type

Version: 2.23-0ubuntu6 2017-03-21 02:06:54 UTC

  glibc (2.23-0ubuntu6) xenial-security; urgency=medium

  * SECURITY UPDATE: DNS resolver NULL pointer dereference with
    crafted record type
    - patches/any/CVE-2015-5180.diff: use out of band signaling for
      internal queries
    - CVE-2015-5180
  * Rebuild to get the following fixes into the xenial-security pocket:
    - SECURITY UPDATE: stack-based buffer overflow in the glob
      implementation
      + patches/git-updates.diff: Simplify the interface for the
        GLOB_ALTDIRFUNC callback gl_readdir
      + CVE-2016-1234
    - SECURITY UPDATE: getaddrinfo: stack overflow in hostent
      conversion
      + patches/git-updates.diff: Use a heap allocation instead
      + CVE-2016-3706:
    - SECURITY UPDATE: stack exhaustion in clntudp_call
      + patches/git-updates.diff: Use malloc/free for the error
        payload.
      + CVE-2016-4429
    - SECURITY UPDATE: memory exhaustion DoS in libresolv
      + patches/git-updates.diff: Simplify handling of nameserver
        configuration in resolver
      + CVE-2016-5417
    - SECURITY UPDATE: ARM32 backtrace infinite loop (DoS)
      + patches/git-updates.diff: mark __startcontext as .cantunwind
      + CVE-2016-6323

 -- Steve Beattie <email address hidden> Mon, 06 Mar 2017 16:47:32 -0800

CVE-2015-5180 DNS resolver NULL pointer dereference with crafted record type
CVE-2016-1234 Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-depende
CVE-2016-3706 Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attack
CVE-2016-4429 Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to caus
CVE-2016-5417 Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows
CVE-2016-6323 The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI



About   -   Send Feedback to @ubuntu_updates