Bug#719558: marked as done (eglibc: CVE-2013-4237)

Debian Bug Tracking System Mon, 23 Dec 2013 04:07:11 -0800

Your message dated Mon, 23 Dec 2013 12:02:23 +0000
with message-id <e1vv4dh-0002kn...@franck.debian.org>
and subject line Bug#719558: fixed in eglibc 2.13-38+deb7u1
has caused the Debian Bug report #719558,
regarding eglibc: CVE-2013-4237
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
719558: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719558
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: eglibc
Severity: important
Tags: security

This was assigned CVE-2013-4237:
http://sourceware.org/bugzilla/show_bug.cgi?id=14699

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: eglibc
Source-Version: 2.13-38+deb7u1

We believe that the bug you reported is fixed in the latest version of
eglibc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 719...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aure...@debian.org> (supplier of updated eglibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 05 Dec 2013 23:19:48 +0100
Source: eglibc
Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd 
multiarch-support libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb 
libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 
libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 
libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 
libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 
libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc 
libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 
libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-i686 
libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 
libc6-loongson2f libnss-dns-udeb libnss-files-udeb
Architecture: source all amd64
Version: 2.13-38+deb7u1
Distribution: wheezy
Urgency: low
Maintainer: Aurelien Jarno <aure...@debian.org>
Changed-By: Aurelien Jarno <aure...@debian.org>
Description: 
 eglibc-source - Embedded GNU C Library: sources
 glibc-doc  - Embedded GNU C Library: Documentation
 libc-bin   - Embedded GNU C Library: Binaries
 libc-dev-bin - Embedded GNU C Library: Development binaries
 libc0.1    - Embedded GNU C Library: Shared libraries
 libc0.1-dbg - Embedded GNU C Library: detached debugging symbols
 libc0.1-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - Embedded GNU C Library: 32bit development libraries for 
AMD64
 libc0.1-i386 - Embedded GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc0.1-pic - Embedded GNU C Library: PIC archive library
 libc0.1-prof - Embedded GNU C Library: Profiling Libraries
 libc0.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - Embedded GNU C Library: Shared libraries
 libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
 libc0.3-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc0.3-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc0.3-pic - Embedded GNU C Library: PIC archive library
 libc0.3-prof - Embedded GNU C Library: Profiling Libraries
 libc0.3-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc0.3-xen - Embedded GNU C Library: Shared libraries [Xen version]
 libc6      - Embedded GNU C Library: Shared libraries
 libc6-amd64 - Embedded GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - Embedded GNU C Library: detached debugging symbols
 libc6-dev  - Embedded GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - Embedded GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - Embedded GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips64 - Embedded GNU C Library: 64bit Development Libraries for 
MIPS64
 libc6-dev-mipsn32 - Embedded GNU C Library: n32 Development Libraries for 
MIPS64
 libc6-dev-powerpc - Embedded GNU C Library: 32bit powerpc development 
libraries for p
 libc6-dev-ppc64 - Embedded GNU C Library: 64bit Development Libraries for 
PowerPC64
 libc6-dev-s390 - Embedded GNU C Library: 32bit Development Libraries for IBM 
zSeri
 libc6-dev-s390x - Embedded GNU C Library: 64bit Development Libraries for IBM 
zSeri
 libc6-dev-sparc64 - Embedded GNU C Library: 64bit Development Libraries for 
UltraSPAR
 libc6-i386 - Embedded GNU C Library: 32-bit shared libraries for AMD64
 libc6-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc6-loongson2f - Embedded GNU C Library: Shared libraries (Loongson 2F 
optimized)
 libc6-mips64 - Embedded GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - Embedded GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - Embedded GNU C Library: PIC archive library
 libc6-powerpc - Embedded GNU C Library: 32bit powerpc shared libraries for 
ppc64
 libc6-ppc64 - Embedded GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-prof - Embedded GNU C Library: Profiling Libraries
 libc6-s390 - Embedded GNU C Library: 32bit Shared libraries for IBM zSeries
 libc6-s390x - Embedded GNU C Library: 64bit Shared libraries for IBM zSeries
 libc6-sparc64 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc6-xen  - Embedded GNU C Library: Shared libraries [Xen version]
 libc6.1    - Embedded GNU C Library: Shared libraries
 libc6.1-alphaev67 - Embedded GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - Embedded GNU C Library: detached debugging symbols
 libc6.1-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc6.1-pic - Embedded GNU C Library: PIC archive library
 libc6.1-prof - Embedded GNU C Library: Profiling Libraries
 libc6.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - Embedded GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - Embedded GNU C Library: NSS helper for files - udeb (udeb)
 locales    - Embedded GNU C Library: National Language (locale) data [support]
 locales-all - Embedded GNU C Library: Precompiled locale data
 multiarch-support - Transitional package to ensure multiarch compatibility
 nscd       - Embedded GNU C Library: Name Service Cache Daemon
Closes: 665897 687530 689423 699399 699593 704598 704623 712196 717178 718890 
719558 722536 727181 730336
Changes: 
 eglibc (2.13-38+deb7u1) wheezy; urgency=low
 .
   [ Aurelien Jarno ]
   * debian/testsuite-checking/compare.sh: disable failing the build on test
     regressions to ease the pain of ongoing stable/security maintenance.
   * patches/any/cvs-CVE-2012-44xx.diff: backport overflow fixes in strcoll,
     addressing CVE-2012-4412 and CVE-2012-4424 (Closes: #687530, #689423).
   * patches/any/CVE-2013-0242.diff: backport buffer overrun fix in regexp
     matcher, addressing CVE-2013-0242 (Closes: #699399).
   * patches/cvs-CVE-2013-1914.diff: backport stack overflow fixes in
     getaddrinfo(), addressing CVE-2013-1914 (Closes: #704623).
   * patches/any/cvs-CVE-2013-4237.diff: backport buffer overwrite fix in
     readdir_r for file systems returning file names longer than NAME_MAX
     characters, addressing CVE-2013-4237 (Closes: #719558).
     patches/kfreebsd/local-readdir_r.diff: remove superseded by the CVE
     patch.
   * patches/any/cvs-CVE-2013-4332.diff: backport integer overflow fixes
     in pvalloc, valloc, posix_memalign, memalign and aligned_alloc functions,
     addressing CVE-2013-4332 (Closes: #722536).
   * patches/any/cvs-CVE-2013-4458.diff: backport stack (frame) overflow fixes
     in getaddrinfo() when called with AF_INET6, addressing CVE-2013-4458
     (Closes: #727181).
   * patches/any/cvs-CVE-2013-4788.diff: backport patch to fix PTR_MANGLE
     ineffectivity for statically linked binaries, addressing CVE-2013-4788
     (Closes: #717178). *** Note that static binaries need to be recompiled
     to take advantage of the fix ***.
   * patches/any/cvs-findlocale-div-by-zero.diff: patch from upstream to fix
     a SIGFPE when locale-archive has been corrupted to all zeros (Closes:
     #718890, #730336).
   * patches/mips/cvs-prlimit64.diff: patch from upstream to fix getrlimit64
     and setrlimit64 with recent 64-bit kernels (Closes: #665897).
 .
   [ Petr Salinger ]
   * patches/kfreebsd/local-initgroups-order.diff: always put supplied extra
     gid as the first entry of group list in setgroups(). Closes: #699593.
   * inline is not keyword in c89 mode, use __inline. Closes: #704598.
   * sys_ktimer_settime have 4 parameters. Closes: #712196.
Checksums-Sha1: 
 e1462783515ed99a59e370585480eecd3e56764a 4741 eglibc_2.13-38+deb7u1.dsc
 34b0f678ba7df2c40a671b5f2798f228622b4cf0 1995935 eglibc_2.13-38+deb7u1.diff.gz
 7d835efa15f18615055a49e07fd7658db73f4468 1896920 
glibc-doc_2.13-38+deb7u1_all.deb
 e2a242a81d88ad1dc8a8d3bdc31fef557aaa71de 13443492 
eglibc-source_2.13-38+deb7u1_all.deb
 baa583cc91c4655df5dd041f76e73b6774cdd554 5713646 locales_2.13-38+deb7u1_all.deb
 5348df82b98878ec6389edb82e7b4746f0575051 4349474 libc6_2.13-38+deb7u1_amd64.deb
 986818c5f89eb0c2c77bc58dd247da1b599b163f 2663472 
libc6-dev_2.13-38+deb7u1_amd64.deb
 5f9a300f0517ec5cdfee65f1db47e8aa2695455a 2104106 
libc6-prof_2.13-38+deb7u1_amd64.deb
 e57d8472842934842d526757038b14b38bdc4557 1611406 
libc6-pic_2.13-38+deb7u1_amd64.deb
 1ab8c2a50ca3da4a06e33ceff85b715511c50f48 1272292 
libc-bin_2.13-38+deb7u1_amd64.deb
 80183838e7772eca1fbab667f1ea0c065a22a060 226324 
libc-dev-bin_2.13-38+deb7u1_amd64.deb
 9727f2d9976941f4e501a99ac16b0e1ea05c6a06 150418 
multiarch-support_2.13-38+deb7u1_amd64.deb
 5d7a4801de6ab2432123edd4f9ee8300d5fbc3b4 3262482 
locales-all_2.13-38+deb7u1_amd64.deb
 3e472debdb85a3eca4a1248e6b7dbe0592153b90 4035596 
libc6-i386_2.13-38+deb7u1_amd64.deb
 715239dbce9d55a010628ae001238537fc16a49a 1589984 
libc6-dev-i386_2.13-38+deb7u1_amd64.deb
 14e02d7f35276cddabe1bd6f040afab2fc960fc7 214222 nscd_2.13-38+deb7u1_amd64.deb
 fbed10c45335cb42654bef8101351dee91a34260 2588416 
libc6-dbg_2.13-38+deb7u1_amd64.deb
 b0d8f3e3a105683525f6f90b999aa33c2192808a 942526 
libc6-udeb_2.13-38+deb7u1_amd64.udeb
 410f1e210869c754ee48d1803ed9ea303ae4a934 10194 
libnss-dns-udeb_2.13-38+deb7u1_amd64.udeb
 7d227eb9c1af42f4dc6493c4841eb96612fe935c 16050 
libnss-files-udeb_2.13-38+deb7u1_amd64.udeb
Checksums-Sha256: 
 1c0dc8a0160dfbcd97cbe5bdf4d3b00d090942db9efee66413ca100832d8cb23 4741 
eglibc_2.13-38+deb7u1.dsc
 9e5024aa58f87ebb037e6e27402a663af75f3b56219375da2090de4f6e312f99 1995935 
eglibc_2.13-38+deb7u1.diff.gz
 2744e67cf8cf309f1084afa0bf408cccb4e5523fb67bf4d660f4f4a9bf59fe8a 1896920 
glibc-doc_2.13-38+deb7u1_all.deb
 7bfee71669758afe3fcb8f44c54d0c2b2a8898e36dec56797a46e8d7cfa512ca 13443492 
eglibc-source_2.13-38+deb7u1_all.deb
 5d0aa27473c59ced85c389d0110e8e67a27890a8396662faa2cc234ee68a3daf 5713646 
locales_2.13-38+deb7u1_all.deb
 e294ae6e6eec38b7381f5d431ddf595d2d67c996fc9103705a94d7358da9c654 4349474 
libc6_2.13-38+deb7u1_amd64.deb
 426b173beffcd34ba685dd532f7e1835778da217a5676b55fa9762ec903334ba 2663472 
libc6-dev_2.13-38+deb7u1_amd64.deb
 72f1b23600ceed7644568dc683bccbd169bdcb618348bca5d2956f0554ff3835 2104106 
libc6-prof_2.13-38+deb7u1_amd64.deb
 b98dd3da513941eabd573fcc8c459ae54159e09889d563fcbe52db7eb35571fb 1611406 
libc6-pic_2.13-38+deb7u1_amd64.deb
 f1e4f6f31b3b093102ea2a01f65bb78e0176cc3c7d7bbbdf9a6989ecbc991a57 1272292 
libc-bin_2.13-38+deb7u1_amd64.deb
 2ec858db0416027da0e32fc64dcf6a8511c33e3b2c5885630bd9b7d7be7ebd9b 226324 
libc-dev-bin_2.13-38+deb7u1_amd64.deb
 e371d3bdfca6bec7cc261f133eb21de4c36a4c230476ce974f8bcfc08189cc51 150418 
multiarch-support_2.13-38+deb7u1_amd64.deb
 c0cb6a9ce02875a5046df879fe4ac9ff2238f1f686ea5076e80ba627a584a62c 3262482 
locales-all_2.13-38+deb7u1_amd64.deb
 a0eb2c6323e4dd0032d506a7da05829efe7dc96d0051804f7aae4d95cf2dbe9c 4035596 
libc6-i386_2.13-38+deb7u1_amd64.deb
 4465addad4c8807c2fed9c330ae8bb4ca3848130b589c619e7cc5b688b39cfd9 1589984 
libc6-dev-i386_2.13-38+deb7u1_amd64.deb
 571e5c01e5d433fa2a2c44caeea9d85e38a5fb957c76bda99ee8ce8547372d7d 214222 
nscd_2.13-38+deb7u1_amd64.deb
 edfeecfc5c3abdf364638c5d91b68864a4df42882fa77231e2d71119a934fd8c 2588416 
libc6-dbg_2.13-38+deb7u1_amd64.deb
 7693849a3f5fe872f9d1c77a445374333087c2c1a39a881d3df1056b793e424f 942526 
libc6-udeb_2.13-38+deb7u1_amd64.udeb
 d0b42c6b90c971ff7a3a7dc42168711ec08cc6981e22d793dd84a778c24a6e02 10194 
libnss-dns-udeb_2.13-38+deb7u1_amd64.udeb
 654c818c65d50bde72bc7dde74334c0b261e5abc177a8d950f17fecab4f66e7d 16050 
libnss-files-udeb_2.13-38+deb7u1_amd64.udeb
Files: 
 bff4ecbb581947da8231e1da7d060ee2 4741 libs required eglibc_2.13-38+deb7u1.dsc
 292cab3a752c49d9ad0e3b1c231c24e5 1995935 libs required 
eglibc_2.13-38+deb7u1.diff.gz
 7b569345ba3ad0aac99b749cb5c3de60 1896920 doc optional 
glibc-doc_2.13-38+deb7u1_all.deb
 da6dfd9c16a6d30d2784f09f72ae4916 13443492 devel optional 
eglibc-source_2.13-38+deb7u1_all.deb
 d5f286c97b9988bcea18c76129fbd63e 5713646 localization standard 
locales_2.13-38+deb7u1_all.deb
 4e5829eb1f938da2140cf8406aad327a 4349474 libs required 
libc6_2.13-38+deb7u1_amd64.deb
 4997f9a562c2248682078c27f603bfa0 2663472 libdevel optional 
libc6-dev_2.13-38+deb7u1_amd64.deb
 777edc9ca3edaf13a68aec171c9eb4ba 2104106 libdevel extra 
libc6-prof_2.13-38+deb7u1_amd64.deb
 74c17b428f04ee729d0b095a15a4ee49 1611406 libdevel optional 
libc6-pic_2.13-38+deb7u1_amd64.deb
 95507b6ac39372c87974959cb6f5c267 1272292 libs required 
libc-bin_2.13-38+deb7u1_amd64.deb
 e5e26484fa55f9b5e16347d2f22f15d7 226324 libdevel optional 
libc-dev-bin_2.13-38+deb7u1_amd64.deb
 7bc54e1bdadd8395e2f807d4b19d3ba4 150418 libs required 
multiarch-support_2.13-38+deb7u1_amd64.deb
 75127f2f53f9efad25d5fbe9e5a9e703 3262482 localization extra 
locales-all_2.13-38+deb7u1_amd64.deb
 154e300c9e278d0def6bbf3eac667492 4035596 libs optional 
libc6-i386_2.13-38+deb7u1_amd64.deb
 e34adf9d73785301d81be034c55c8f87 1589984 libdevel optional 
libc6-dev-i386_2.13-38+deb7u1_amd64.deb
 67a385bc6dcb5db3198bbc90eb2b3424 214222 admin optional 
nscd_2.13-38+deb7u1_amd64.deb
 1f02ef954f85ea726ed57e6aaad1bbbd 2588416 debug extra 
libc6-dbg_2.13-38+deb7u1_amd64.deb
 f98248aaa2cdab477ec3af100615299c 942526 debian-installer extra 
libc6-udeb_2.13-38+deb7u1_amd64.udeb
 fc6c9d5f39862bdef72e051ba363b4cd 10194 debian-installer extra 
libnss-dns-udeb_2.13-38+deb7u1_amd64.udeb
 ac8df2f3e7cad8ac75a841101b1fceec 16050 debian-installer extra 
libnss-files-udeb_2.13-38+deb7u1_amd64.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFSt/Hyw3ao2vG823MRAhvlAJwLgXAqrucCXPnjPzmSYXu9aUnIRACfapgs
y14cTbz0J8jkncFkEPeLLPg=
=LzUk
-----END PGP SIGNATURE-----

--- End Message ---

Bug#719558: marked as done (eglibc: CVE-2013-4237)

Reply via email to