Publishing details
Changelog
glibc (2.30-0ubuntu2.2) eoan-security; urgency=medium
* SECURITY UPDATE: ASLR bypass
- debian/patches/any/CVE-2019-19126.patch: check __libc_enable_secure
before honoring LD_PREFER_MAP_32BIT_EXEC in
sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h.
- CVE-2019-19126
* SECURITY UPDATE: out-of-bounds write on PowerPC
- debian/patches/any/CVE-2020-1751.patch: fix array overflow in
backtrace on PowerPC in debug/tst-backtrace5.c,
sysdeps/powerpc/powerpc32/backtrace.c,
sysdeps/powerpc/powerpc64/backtrace.c.
- CVE-2020-1751
* SECURITY UPDATE: use-after-free via tilde expansion
- debian/patches/any/CVE-2020-1752.patch: fix use-after-free in glob
when expanding ~user in posix/glob.c.
- CVE-2020-1752
* SECURITY UPDATE: stack overflow via 80-bit long double function
- debian/patches/any/CVE-2020-10029-1.patch: avoid ldbl-96 stack
corruption from range reduction of pseudo-zero in
sysdeps/ieee754/ldbl-96/Makefile,
sysdeps/ieee754/ldbl-96/e_rem_pio2l.c,
sysdeps/ieee754/ldbl-96/test-sinl-pseudo.c.
- debian/patches/any/CVE-2020-10029-2.patch: use stack protector only
if available in sysdeps/ieee754/ldbl-96/Makefile.
- CVE-2020-10029
-- Marc Deslauriers <email address hidden> Thu, 04 Jun 2020 13:19:08 -0400
Builds
Package files