eglibc (2.15-0ubuntu10.23) precise-security; urgency=medium

  * Removing locale/locales-all from debian/control since in Precise
    it uses langpack-locales and no binary is created in eglibc for locales

eglibc (2.15-0ubuntu10.22) precise-security; urgency=medium

  * SECURITY UPDATE: Integer overflow
    - debian/patch/CVE-2018-6485.patch: fix integer overflows in
      internal memallign and malloc functions in
      malloc/malloc.c.
    - CVE-2018-6485

eglibc (2.15-0ubuntu10.21) precise-security; urgency=medium

  * SECURITY UPDATE: Buffer underflow in realpath()
    - debian/patches/any/cvs-make-getcwd-fail-if-path-is-no-absolute.diff:
      Make getcwd(3) fail if it cannot obtain an absolute path
    - CVE-2018-1000001

eglibc (2.15-0ubuntu10.20) precise-security; urgency=medium

  * SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
    - debian/patches/any/CVE-2017-1000366.patch: Completely ignore
      LD_LIBRARY_PATH for AT_SECURE=1 programs
    - CVE-2017-1000366
  * SECURITY UPDATE: LD_PRELOAD stack corruption
    - 
debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
      Reject overly long names or names containing directories in
      LD_PRELOAD for AT_SECURE=1 programs.
  * debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
    additional consistency check for 1-byte overflows
  * debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
    LD_HWCAP_MASK for AT_SECURE=1 programs

Date: 2020-03-06 13:51:34.505624+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langa...@canonical.com>
https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.23
Sorry, changesfile not available.
-- 
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/precise-changes

Reply via email to