Package "klibc"
Name: |
klibc
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- small utilities built with klibc for early boot
- minimal libc subset for use with initramfs
- kernel headers used during the build of klibc
|
Latest version: |
2.0.4-9ubuntu2.2 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
main |
Links
Other versions of "klibc" in Bionic
Packages in group
Deleted packages are displayed in grey.
Changelog
klibc (2.0.4-9ubuntu2.2) bionic; urgency=medium
[ Khaled Elmously ]
* d/p/lp1947099-honour-user-requested-timeouts-in-all-cases.patch:
Honour user-specified timeouts even in error cases. (LP: #1947099)
[ Mauricio Faria de Oliveira ]
* d/p/lp1947099-fix-for-no-timeout-specified.patch: Check for an
user-specified timeout before checking/adjusting timeout values.
-- Mauricio Faria de Oliveira <email address hidden> Mon, 25 Apr 2022 11:39:01 -0300
|
Source diff to previous version |
1947099 |
ipconfig does not honour user-requested timeouts in some cases |
|
klibc (2.0.4-9ubuntu2.1) bionic-security; urgency=medium
* SECURITY UPDATE: integer overflow in calloc
- debian/patches/CVE-2021-31870.patch: add overflow check
when performing the multiplication in usr/klibc/calloc.c.
- CVE-2021-31870
* SECURITY UPDATE: integer overflow in cpio
- debian/patches/CVE-2021-31871.patch: remove cast to unsigned
to avoid a possible overflow in 64 bit systems in
usr/utils/cpio.c.
- CVE-2021-31871
* SECURITY UPDATE: integer overflow in read_in_new_ascii
- debian/patches/CVE-2021-31872.patch: ensure that c_namesize
and c_filesize are smaller than LONG_MAX in usr/utils/cpio.c.
- CVE-2021-31872
* SECURITY UPDATE: integer overflow in malloc
- debian/patches/CVE-2021-31873.patch: ensure that size is smaller
than PTRDIFF_MAX in usr/klibc/malloc.c.
- CVE-2021-31873
-- David Fernandez Gonzalez <email address hidden> Wed, 13 Apr 2022 10:41:23 +0200
|
CVE-2021-31870 |
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer |
CVE-2021-31871 |
An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems. |
CVE-2021-31872 |
An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overf |
CVE-2021-31873 |
An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer over |
|
About
-
Send Feedback to @ubuntu_updates