Ubuntu

“eglibc” 2.13-20ubuntu5.1 source package in The Oneiric Ocelot

Publishing history

2.13-20ubuntu5.1
SUPERSEDED: Oneiric pocket Updates in component main and section libs
  • Removed from disk on 2012-10-03.
  • Removal requested on 2012-10-03.
  • Superseded on 2012-10-02 by eglibc - 2.13-20ubuntu5.2
  • Published on 2012-03-09
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team
2.13-20ubuntu5.1
SUPERSEDED: Oneiric pocket Security in component main and section libs
  • Removed from disk on 2012-10-03.
  • Removal requested on 2012-10-03.
  • Superseded on 2012-10-02 by eglibc - 2.13-20ubuntu5.2
  • Published on 2012-03-09
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team

Builds

Changelog

eglibc (2.13-20ubuntu5.1) oneiric-security; urgency=low

  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864
 -- Steve Beattie <email address hidden>   Tue, 06 Mar 2012 11:28:06 -0800