Publishing details

Removed from disk on 2020-06-07.
Removal requested on 2020-06-06.
Superseded on 2020-06-05 by glibc - 2.27-3ubuntu1.2
Published on 2019-07-03

Changelog

glibc (2.27-3ubuntu1.1) bionic-security; urgency=medium

  * SECURITY UPDATE: integer overflow in realpath
    - debian/patches/any/CVE-2018-11236.patch: fix path length overflow in
      realpath in stdlib/Makefile, stdlib/canonicalize.c,
      stdlib/test-bz22786.c.
    - CVE-2018-11236
  * SECURITY UPDATE: buffer overflow in __mempcpy_avx512_no_vzeroupper
    - debian/patches/any/CVE-2018-11237-1.patch: don't write beyond
      destination in string/test-mempcpy.c,
      sysdeps/x86_64/multiarch/memmove-avx512-no-vzeroupper.S.
    - debian/patches/any/CVE-2018-11237-2.patch: add a test case in
      string/test-memcpy.c.
    - CVE-2018-11237
  * SECURITY UPDATE: if_nametoindex() does not close descriptor
    - debian/patches/any/CVE-2018-19591.patch: fix descriptor for overlong
      name in sysdeps/unix/sysv/linux/if_index.c.
    - CVE-2018-19591

 -- Marc Deslauriers <email address hidden>  Wed, 03 Jul 2019 08:06:56 -0400

Available diffs

diff from 2.27-3ubuntu1 (in ~adconrad/ubuntu/staging) to 2.27-3ubuntu1.1 (5.4 KiB)

Builds

Package files

No files published for this package.