Bug#522774: Bug#522773: possible solutions for __unused problem

On Sun, Jun 19, 2011 at 07:09:37PM +, Thorsten Glaser wrote: > Ben Hutchings dixit: > > The use of __undefined in the BSDs predates use of it by > both Linux and GNU. (But when using this argumentation > style, we’d probably better take this upstream… except > that upstream may not be helping…

Bug#681888: CVE-2012-3406: exploits in the wild, upstream report?

On Tue, Feb 05, 2013 at 05:56:15PM +0100, Arne Wichmann wrote: > Hi, just for information: [1] suggests that exploits for one of 340[456] > may be out in the wild. > > Moreover I did not find an upstream glibc-bug about this yet. Is there one? > > [1] https://bugs.launchpad.net/ubuntu/%2Bsource/e

Bug#969926: glibc: Parsing of /etc/gshadow can return bad pointers causing segfaults in applications

Am Wed, Sep 09, 2020 at 12:30:44PM +0200 schrieb Aurelien Jarno: > control: forcemerge 967938 969926 > > Hi, > > On 2020-09-09 02:58, Bernd Zeimetz wrote: > > Source: glibc > > Version: 2.28-10 > > Severity: serious > > Tags: security upstream patch > > X-Debbugs-Cc: Debian Security Team > > >

Bug#990542: glibc: CVE-2021-35942

Source: glibc X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for glibc. CVE-2021-35942[0]: Wild read in wordexp (parse_param) https://sourceware.org/bugzilla/show_bug.cgi?id=28011 https://sourceware.org/git/?p=glibc.git;a=

Re: Arch qualification for bookworm: call for DSA, Security, toolchain concerns

Am Wed, Jun 22, 2022 at 10:05:37AM +0200 schrieb Graham Inggs: > Hi, > > As part of the interim architecture qualification for bookworm, we > request that DSA, the security team, Wanna build, and the toolchain > maintainers review and update their list of known concerns for bookworm > release arch

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

Paul Gevers wrote: > As part of the interim architecture qualification for bullseye, we > request that DSA, the security team, Wanna build, and the toolchain > maintainers review and update their list of known concerns for bullseye > release architectures. There's nothing really of concern from th

Bug#1107366: glibc: CVE-2025-5745

Source: glibc X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for glibc. CVE-2025-5745[0]: | The strncmp implementation optimized for the Power10 processor in | the GNU C Library version 2.40 and later writes to vector regis

Bug#1107365: glibc: CVE-2025-5702

Source: glibc X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for glibc. CVE-2025-5702[0]: | The strcmp implementation optimized for the Power10 processor in the | GNU C Library version 2.39 and later writes to vector regist