klibc 2.0.10-4ubuntu0.1 source package in Ubuntu

Changelog

klibc (2.0.10-4ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: improper pointer arithmetic
    - debian/patches/CVE-2016-9840.patch: remove offset pointer optimization
      in usr/klibc/zlib/inftrees.c.
    - CVE-2016-9840
  * SECURITY UPDATE: improper pointer arithmetic
    - debian/patches/CVE-2016-9841.patch: remove offset pointer optimization
      in usr/klibc/zlib/inffast.c.
    - CVE-2016-9841
  * SECURITY UPDATE: memory corruption during compression
    - debian/patches/CVE-2018-25032.patch: addresses a bug that can crash
      deflate on rare inputs when using Z_FIXED.
    - CVE-2018-25032
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2022-37434-1.patch: adds an extra condition to check
      if state->head->extra_max is greater than len before copying, and moves
      the len assignment to be placed before the check in
      usr/klibc/zlib/inflate.c.
    - debian/patches/CVE-2022-37434-2.patch: in the previous patch, the
      placement of the len assignment was causing issues so it was moved
      within the conditional check.
    - CVE-2022-37434

 -- Ian Constantin <email address hidden>  Sat, 13 Apr 2024 12:34:04 +0300

Upload details

Uploaded by: Ian Constantin
Uploaded to: Jammy
Original maintainer: Ubuntu Developers
Architectures: linux-any
Section: libs
Urgency: Medium Urgency

Publishing

Series  Pocket    Published  Component  Section
Jammy   updates              main       libs
Jammy   security             main       libs

Downloads

File                                   Size       SHA-256 Checksum
klibc_2.0.10.orig.tar.xz               463.0 KiB  662753da8889e744dfc0db6eb4021c3377ee7ef8ed66d7d57765f8c9e25939cd
klibc_2.0.10-4ubuntu0.1.debian.tar.xz  27.0 KiB   4624fa5d961e9049581a34de1197646876cfd9f2e5fe7c5d56fc678972e29b7f
klibc_2.0.10-4ubuntu0.1.dsc            2.1 KiB    0db192a369ab82120cb7e095abc482951901af1213d66316b326b1c935313db7

Binary packages built by this source

klibc-utils: small utilities built with klibc for early boot

 This package contains a collection of programs that are linked
 against klibc. These duplicate some of the functionality of a
 regular Linux toolset, but are typically much smaller than their
 full-function counterparts. They are intended for inclusion in
 initramfs images and embedded systems.

klibc-utils-dbgsym: debug symbols for klibc-utils
libklibc: minimal libc subset for use with initramfs

 klibc is intended to be a minimalistic libc subset for use with
 initramfs. It is deliberately written for small size, minimal
 entanglement, and portability, not speed. It is definitely a work in
 progress, and a lot of things are still missing.

libklibc-dbgsym: debug symbols for libklibc
libklibc-dev: kernel headers used during the build of klibc

 This package contains the set of kernel headers that were required to
 build klibc and the utilities that ship with it. This may or may
 not be a complete enough set to build other programs that link against
 klibc. If in doubt, use real kernel headers instead.