glibc 2.21-0ubuntu4.2 source package in Ubuntu

Changelog

glibc (2.21-0ubuntu4.2) wily-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in gethostbyname_r and related
    functions
    - debian/patches/any/CVE-2015-1781.diff: take alignment padding
      into account when computing if buffer is too small.
    - CVE-2015-1781
  * SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice
    - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files
      database during iteration.
    - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state
      between getXXent and getXXbyYY NSS calls.
    - CVE-2014-8121
  * SECURITY UPDATE: glibc unbounded stack usage in NaN strtod
    conversion
    - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing
      of NaN payloads.
    - debian/patches/any/CVE-2014-9761-1.diff:  Fix nan functions
      handling of payload strings
    - CVE-2014-9761
  * SECURITY UPDATE: out of range data to strftime() causes segfault
    (denial of service)
    - debian/patches/any/CVE-2015-8776.diff: add range checks to
      strftime() processing
    - CVE-2015-8776
  * SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid
    AT_SECURE programs (e.g. setuid), allowing disabling of pointer
    mangling
    - debian/patches/any/CVE-2015-8777.diff: Always enable pointer
      guard
    - CVE-2015-8777
  * SECURITY UPDATE: integer overflow in hcreate and hcreate_r
    - debian/patches/any/CVE-2015-8778.diff: check for large inputs
    - CVE-2015-8778
  * SECURITY UPDATE: unbounded stack allocation in catopen()
    - debian/patches/any/CVE-2015-8779.diff: stop using unbounded
      alloca()
    - CVE-2015-8779
  * SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r
    - debian/patches/any/CVE-2016-3075.diff: do not make unneeded
      memory copy on the stack.
    - CVE-2016-3075
  * SECURITY UPDATE: pt_chown privilege escalation
    - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel
      about pty group and permission mode
    - debian/sysdeps/linux.mk: don't build pt_chown
    - debian/rules.d/debhelper.mk: only install pt_chown when built.
    - CVE-2016-2856, CVE-2013-2207
  * debian/debhelper.in/libc.postinst: add reboot notifications for
    security updates (LP: #1546457)

 -- Steve Beattie <email address hidden>  Fri, 08 Apr 2016 09:44:34 -0700

Upload details

Uploaded by:
Steve Beattie on 2016-04-09
Uploaded to:
Wily
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
glibc_2.21.orig.tar.xz 12.1 MiB b197d29dd114b1d487bc5153861d7c807d3948c84ac0f183f9b4c0790da8a4f4
glibc_2.21-0ubuntu4.2.debian.tar.xz 1008.8 KiB 141626b41ee136413890dd4174f9a75016eeae05007873e8cc695a820b64d4dc
glibc_2.21-0ubuntu4.2.dsc 8.5 KiB a644efaf4de5cedf55db84c0bd19d6c909d109a83731aa429d4c6319d2e31d84

View changes file

Binary packages built by this source

glibc-doc: No summary available for glibc-doc in ubuntu wily.

No description available for glibc-doc in ubuntu wily.

glibc-source: No summary available for glibc-source in ubuntu wily.

No description available for glibc-source in ubuntu wily.

libc-bin: No summary available for libc-bin in ubuntu wily.

No description available for libc-bin in ubuntu wily.

libc-bin-dbgsym: No summary available for libc-bin-dbgsym in ubuntu wily.

No description available for libc-bin-dbgsym in ubuntu wily.

libc-dev-bin: No summary available for libc-dev-bin in ubuntu wily.

No description available for libc-dev-bin in ubuntu wily.

libc-dev-bin-dbgsym: No summary available for libc-dev-bin-dbgsym in ubuntu wily.

No description available for libc-dev-bin-dbgsym in ubuntu wily.

libc6: No summary available for libc6 in ubuntu wily.

No description available for libc6 in ubuntu wily.

libc6-amd64: No summary available for libc6-amd64 in ubuntu wily.

No description available for libc6-amd64 in ubuntu wily.

libc6-amd64-dbgsym: No summary available for libc6-amd64-dbgsym in ubuntu wily.

No description available for libc6-amd64-dbgsym in ubuntu wily.

libc6-armel: No summary available for libc6-armel in ubuntu wily.

No description available for libc6-armel in ubuntu wily.

libc6-armel-dbgsym: No summary available for libc6-armel-dbgsym in ubuntu wily.

No description available for libc6-armel-dbgsym in ubuntu wily.

libc6-dbg: No summary available for libc6-dbg in ubuntu wily.

No description available for libc6-dbg in ubuntu wily.

libc6-dbgsym: No summary available for libc6-dbgsym in ubuntu wily.

No description available for libc6-dbgsym in ubuntu wily.

libc6-dev: No summary available for libc6-dev in ubuntu wily.

No description available for libc6-dev in ubuntu wily.

libc6-dev-amd64: No summary available for libc6-dev-amd64 in ubuntu wily.

No description available for libc6-dev-amd64 in ubuntu wily.

libc6-dev-armel: No summary available for libc6-dev-armel in ubuntu wily.

No description available for libc6-dev-armel in ubuntu wily.

libc6-dev-i386: No summary available for libc6-dev-i386 in ubuntu wily.

No description available for libc6-dev-i386 in ubuntu wily.

libc6-dev-ppc64: No summary available for libc6-dev-ppc64 in ubuntu wily.

No description available for libc6-dev-ppc64 in ubuntu wily.

libc6-dev-x32: No summary available for libc6-dev-x32 in ubuntu wily.

No description available for libc6-dev-x32 in ubuntu wily.

libc6-i386: No summary available for libc6-i386 in ubuntu wily.

No description available for libc6-i386 in ubuntu wily.

libc6-i386-dbgsym: No summary available for libc6-i386-dbgsym in ubuntu wily.

No description available for libc6-i386-dbgsym in ubuntu wily.

libc6-pic: No summary available for libc6-pic in ubuntu wily.

No description available for libc6-pic in ubuntu wily.

libc6-ppc64: No summary available for libc6-ppc64 in ubuntu wily.

No description available for libc6-ppc64 in ubuntu wily.

libc6-ppc64-dbgsym: No summary available for libc6-ppc64-dbgsym in ubuntu wily.

No description available for libc6-ppc64-dbgsym in ubuntu wily.

libc6-udeb: No summary available for libc6-udeb in ubuntu wily.

No description available for libc6-udeb in ubuntu wily.

libc6-udeb-dbgsym: No summary available for libc6-udeb-dbgsym in ubuntu wily.

No description available for libc6-udeb-dbgsym in ubuntu wily.

libc6-x32: No summary available for libc6-x32 in ubuntu wily.

No description available for libc6-x32 in ubuntu wily.

libc6-x32-dbgsym: No summary available for libc6-x32-dbgsym in ubuntu wily.

No description available for libc6-x32-dbgsym in ubuntu wily.

libnss-dns-udeb: No summary available for libnss-dns-udeb in ubuntu wily.

No description available for libnss-dns-udeb in ubuntu wily.

libnss-dns-udeb-dbgsym: No summary available for libnss-dns-udeb-dbgsym in ubuntu wily.

No description available for libnss-dns-udeb-dbgsym in ubuntu wily.

libnss-files-udeb: No summary available for libnss-files-udeb in ubuntu wily.

No description available for libnss-files-udeb in ubuntu wily.

libnss-files-udeb-dbgsym: No summary available for libnss-files-udeb-dbgsym in ubuntu wily.

No description available for libnss-files-udeb-dbgsym in ubuntu wily.

multiarch-support: No summary available for multiarch-support in ubuntu wily.

No description available for multiarch-support in ubuntu wily.

nscd: No summary available for nscd in ubuntu wily.

No description available for nscd in ubuntu wily.

nscd-dbgsym: No summary available for nscd-dbgsym in ubuntu wily.

No description available for nscd-dbgsym in ubuntu wily.