Source: eglibc
Version: 2.19-1
Severity: normal
Tags: security upstream fixed-upstream
Hi,
the following vulnerability was published for eglibc.
CVE-2014-4043[0,1]:
posix_spawn_file_actions_addopen fails to copy the path argument
If you fix the vulnerability please also make sure to include the
Hi Rafael,
On Thu, Jul 10, 2014 at 08:10:00PM +0200, Rafael Varela Pet wrote:
> On Tue, 27 May 2014 22:47:07 Aurelien Jarno said:
>
> > Source: eglibc
> > Source-Version: 2.13-38+deb7u2
> > Format: 1.8
> > Date: Sun, 25 May 2014 20:01:05 +0200
> > Source: eglibc
> > Binary: libc-bin libc-dev-bi
Hi
This should be addressed with the followign commit:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=42261ad731
See: http://www.openwall.com/lists/oss-security/2015/04/24/3
Regards,
Salvatore
--
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of "unsubscri
Source: glibc
Version: 2.19-18
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=18240
Hi,
the following vulnerability was published for glibc.
CVE-2015-8778[0]:
Integer overflow in hcreate and hcreate_r
If you fix the vulnerability please al
Source: glibc
Version: 2.19-18
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=18985
Hi,
the following vulnerability was published for glibc.
CVE-2015-8776[0]:
Passing out of range data to strftime() causes a segfault
If you fix the vulnera
Source: glibc
Version: 2.19-18
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=17905
Hi,
the following vulnerability was published for glibc.
CVE-2015-8779[0]:
catopen() Multiple unbounded stack allocations
If you fix the vulnerability plea
Source: glibc
Version: 2.19-18
Severity: normal
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=16962
Hi,
the following vulnerability was published for glibc, reporting it as
well to the BTS to have a BTS <-> security-tracker cross reference.
CVE-2014-9761[0]:
Package: nscd
Version: 2.7-18
Severity: minor
Hi
In manpage for nscd.conf there seems to be the description for
max-db-size and auto-propagate missing.
Bests
Salvatore
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (x
Package: eglibc
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for eglibc.
CVE-2013-1914[0]:
getaddrinfo() stack overflow
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog en
Control: tags -1 + patch
Hi
Only a small update. Upstream commit:
http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1cef1b19089528db11f221e938f60b9b048945d7
see: http://marc.info/?l=oss-security&m=136515592721172&w=2
Regards,
Salvatore
--
To UNSUBSCRIBE, email to debian-glibc-requ...@li
Package: eglibc
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for eglibc.
CVE-2013-4458[0]:
Stack (frame) overflow in getaddrinfo() when called with AF_INET6
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities
Hi Arne,
On Tue, Mar 04, 2014 at 03:00:44PM +0100, Arne Wichmann wrote:
> begin quotation from Moritz Muehlenhoff (in
> <20140301122144.ga11...@inutil.org>):
> > Version: 2.18-1
> >
> > On Fri, Aug 23, 2013 at 02:13:40PM +0200, Arne Wichmann wrote:
> > > tags #717544 + patch
> > >
> > > Hi.
>
Source: glibc
Version: 2.23-4
Severity: important
Tags: security upstream fixed-upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=19257
Hi,
the following vulnerability was published for glibc.
CVE-2016-5417[0]:
per-thread memory leak in __res_vinit with IPv6 nameservers
If you
Hi Aurelien,
On Wed, Aug 03, 2016 at 12:14:26AM +0200, Aurelien Jarno wrote:
> control: reassign -1 libc6
> control: severity 818178 important
> control: forcemerge 818178 -1
>
> On 2016-08-02 19:54, Salvatore Bonaccorso wrote:
> > Source: glibc
> > Version: 2.2
Source: glibc
Version: 2.23-4
Severity: normal
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=20435
Hi,
the following vulnerability was published for glibc, filling to track
the issue.
CVE-2016-6323[0]:
Missing unwind information on ARM
If you fix the vulnera
Source: glibc
Version: 2.19-18
Severity: important
Tags: upstream security
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=19519
Hi,
the following vulnerability was published for glibc.
CVE-2016-10228[0]:
glibc iconv program can hang when invoked with the -c option
If you fix the vul
Source: glibc
Version: 2.19-18
Severity: important
Tags: upstream security
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=21461
Hi,
the following vulnerability was published for glibc, opening the bug
to track the issue as well in the BTS.
CVE-2017-8804[0]:
| The xdr_bytes and xdr_s
Source: glibc
Version: 2.22-10
Severity: important
Tags: upstream security patch fixed-upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=21115
Control: found -1 2.19-18+deb8u5
Hi,
the following vulnerability was published for glibc.
CVE-2017-12133[0]:
Use-after-free in error pa
Source: glibc
Version: 2.24-11
Severity: important
Tags: upstream security patch fixed-upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=21361
Hi,
the following vulnerability was published for glibc.
CVE-2017-12132[0]:
| The DNS stub resolver in the GNU C Library (aka glibc or
Source: glibc
Version: 2.19-18
Severity: important
Tags: patch security upstream fixed-upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=22332
Hi,
the following vulnerability was published for glibc.
CVE-2017-15804[0]:
| The glob function in glob.c in the GNU C Library (aka gli
Source: glibc
Version: 2.31-12
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=27896
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for glibc, basically purely
to track the upstream issue
Source: glibc
Version: 2.32-3
Severity: important
Tags: upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=26401
X-Debbugs-Cc: car...@debian.org
Control: affects -1 rsync
Control: clone -1 -2
Control: reassing -2 src:rsync 3.2.3-6
Control: retitle -2 rsync: Workaround glibc bug BZ#
Control: retitle -1 Workaround glibc bug BZ#26401 (regression in lchmod and
fchmodat when /proc is not mounted)
Hi
On Fri, Sep 17, 2021 at 03:29:26PM +0200, Salvatore Bonaccorso wrote:
> Source: glibc
> Version: 2.32-3
> Severity: important
> Tags: upstream
> Forwarded: https:/
Hi
Apoligies I mixed up the cloned bug while replying for the rsync
workaround. Fixed up now as well the broken retitlings in the BTS.
994542 for glibc
994543 accordingly for rsync.
Regards,
Salvatore
Hi Aurelien,
On Tue, Apr 20, 2021 at 06:36:33PM +0200, Andras Korn wrote:
> Package: libc6
> Version: 2.31-11
> Severity: normal
>
> Hi,
>
> due to
> https://salsa.debian.org/glibc-team/glibc/-/commit/6ddfa57577af0d96df9ddd7be401f5ce9a9bcc0f
> (a commit from 2004) the preinst script for glibc ch
Hi Aurelien,
On Sun, Sep 26, 2021 at 01:21:16PM +0200, Aurelien Jarno wrote:
> Hi,
>
> On 2021-09-26 09:57, Salvatore Bonaccorso wrote:
> > Hi Aurelien,
> >
> > On Tue, Apr 20, 2021 at 06:36:33PM +0200, Andras Korn wrote:
> > > Package: libc6
> >
Source: glibc
Version: 2.31-10
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=28524
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for glibc.
CVE-2021-43396[0]:
| In iconvdata/iso-2022-j
Hi Paul,
On Tue, Mar 01, 2022 at 12:03:51PM +0100, Paul Gevers wrote:
> Dear colleagues,
>
> The Release Team would like to propose a bookworm freeze timeline. Don't
> worry, the timeline is a plan, if serious (timing) issues come up we will
> adapt. However, before making the plan public in a wi
Source: glibc
Version: 2.37-8
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=30842
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 2.36-9+deb12u1
Control: found -1 2.36-9
Hi,
The following vulnerability was published
Source: glibc
Version: 2.37-10
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=30884
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for glibc.
Filling mainly for tracking of the issue.
C
Source: glibc
Version: 2.37-17
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 2.37-15
Control: found -1 2.36-9+deb12u5
Control: found -1 2.36-9+deb12u4
Control: found -1 2.36-9
Control: found -1 2.31-13+deb11u8
Control: found -1
Source: glibc
Version: 2.26-0experimental1
Severity: important
Tags: patch security upstream fixed-upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=22375
Hi,
the following vulnerability was published for glibc (only affecting
experimental)
CVE-2017-17426[0]:
| The malloc funct
Source: glibc
Version: 2.19-18
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for glibc, this is just to
track the issue. A DSA is not warranted for this issue only and can be
addressed in a point release. The issues are already not-exploitable
as descri
Source: glibc
Version: 2.19-18
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for glibc, this is just to
track the issue. A DSA is not warranted for this issue only and can be
addressed in a point release. The issues are already not-exploitable
as descri
Source: glibc
Version: 2.19-18
Severity: grave
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=18203
Hi glibc maintainers,
the following vulnerability was published for glibc, filling as grave
due to the privilege escalation potential, but by default in Debian
u
Source: glibc
Version: 2.27-8
Severity: important
Tags: patch security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=23927
Hi,
The following vulnerability was published for glibc.
CVE-2018-19591[0]:
Linux if_nametoindex() does not close descriptor
If you fix the vulnerabil
Package: glibc
Version: 2.28-5--src
Severity: normal
Tags: patch security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=20018
Control: found -1 2.24-11+deb9u3
Control: found -1 2.24-11
Hi,
The following vulnerability was published for glibc.
CVE-2016-10739[0]:
| In the GNU
Source: glibc
Version: 2.29-3
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=25204
Control: found -1 2.28-10
Control: found -1 2.24-11+deb9u1
Control: found -1 2.24-11+deb9u4
Control: found -1 2.24-11
Hi,
The following vulnerability was publ
Source: glibc
Version: 2.29-10
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=25487
Hi,
The following vulnerability was published for glibc.
CVE-2020-10029[0]:
| The GNU C Library (aka glibc or libc6) before 2.32 could overflow an
| on-stac
Source: glibc
Version: 2.30-2
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=25414
Control: found -1 2.16-0experimental0
Control: found -1 2.19-18+deb8u10
Control: found -1 2.24-11+deb9u1
Control: found -1 2.24-11+deb9u4
Control: found -1 2.28
Source: glibc
Version: 2.31-4
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=26224
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 2.28-10
Hi,
The following vulnerability was published for glibc.
CVE-2020-27618[0]:
Source: glibc
Version: 2.31-5
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=26923
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 2.31-4
Hi,
The following vulnerability was published for glibc.
CVE-2020-29562[0]:
|
On Fri, Dec 04, 2020 at 03:03:58PM +0100, Salvatore Bonaccorso wrote:
> Source: glibc
> Version: 2.31-5
> Severity: important
> Tags: security upstream
> Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=26923
> X-Debbugs-Cc: car...@debian.org, Debian Security Team
>
Source: glibc
Version: 2.31-7
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=24973
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 2.28-10
Hi,
The following vulnerability was published for glibc, filling for
tracking
Source: glibc
Version: 2.31-9
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=27256
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 2.28-10
Hi
Filling for tracking the upstream issue BZ#27256:
> Tavis Ormandy reporte
Source: glibc
Version: 2.31-9
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=27462
X-Debbugs-Cc: car...@debian.org, Debian Security Team
,f...@debian.org
Control: found -1 2.28-10
Control: found -1 2.28-1
Hi,
The following vulnerability was
46 matches
Mail list logo
