Bug#775710: glibc: mcontext.h incomplete for kfreebsd-amd64
package: src:glibc
version: 2.19-13
severity: important
control: block 767048 by -1

Hi,

I was working on building wine for kfreebsd-amd64 and found that glibc's x86_64 mcontext.h is not in sync with the upstream code that it is derived from (kfreebsd's amd64 ucontext.h).

One example is that mc_fs is not defined in glibc's mcontext_t struct but is in kfreebsd's __mcontext struct (well there is a definition of mc_fs in a second definition of the mcontext_t struct behind an #ifdef __i386__ which will be false on amd64). There are many other differences like this.

Since wine uses mc_fs and some of the other bits missing from the non-i386 mcontext_t struct, it fails to build using glibc.

Files to compare are:
src:kfreebsd-10 sys/x86/include/ucontext.h (the #ifdef __amd64__ section)
src:glibc ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/x86_64/bits/mcontext.h (the #else section)

Thanks for looking into this.

Best wishes,
Mike

--
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/CANTw=moyrc_pgbg8+3hfbnms1qh+jhhvjv5eqdlbeqbzse7...@mail.gmail.com
Bug#742925: eglibc: CVE-2013-4357
package: src:eglibc
severity: important
version: 2.11.3-4

A stack overflow issue was reported in eglibc:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4357

Best wishes,
Mike

Archive: https://lists.debian.org/CANTw=MP=0e4c4es-0frtkujw9qmdpcsxp0xjpxdww9nmcag...@mail.gmail.com
Bug#650234: eglibc: libc-2.11.x.so segfaults when used with ld-2.13.so
reassign 649146 eglibc
forcemerge 650234 649146
thanks

Hi,

I am reassigning these bugs. See the 650234 bug log for tinkering done so far by Daniel Kahn Gillmor.

Best wishes,
Mike

Archive: http://lists.debian.org/CANTw=MM5DvN+_p4R4=mg43_6ctzu6g5rgzhdbdi55zvasuf...@mail.gmail.com
Re: CVE-2011-1071 / #615120 - security fix in stable?
Arne Wichmann wrote:
> Hi, I see that CVE-2011-1071 (#615120) is done in testing - shouldn't it be
> fixed in stable, too?

Yes, Debian security is done by volunteers with limited time, so the best way to get things fixed is to volunteer to do the work yourself (especially in cases like this where no one is working on it).

Best wishes,
Mike

Archive: http://lists.debian.org/20110618141731.33615f0f.michael.s.gilb...@gmail.com
Bug#615120: eglibc: alloca memory corruption
On Sat, 26 Feb 2011 11:29:06 +0100 Aurelien Jarno wrote:
> On Fri, Feb 25, 2011 at 04:22:11PM -0500, Michael Gilbert wrote:
> > package: eglibc
> > version: 2.11.2-10
> > severity: grave
> > tag: security
> >
> > A memory corruption issue has been disclosed for eglibc [0]. I've checked,
> > and lenny (glibc), squeeze, and sid are affected by the poc. experimental
> > is not. According to the report, this permits arbitrary code execution.
>
> Do you have a CVE number that we can use in the changelog?

No, there hasn't been one assigned yet.

Mike

Archive: http://lists.debian.org/20110226091858.75f39a56.michael.s.gilb...@gmail.com
Bug#615120: eglibc: alloca memory corruption
package: eglibc
version: 2.11.2-10
severity: grave
tag: security

A memory corruption issue has been disclosed for eglibc [0]. I've checked, and lenny (glibc), squeeze, and sid are affected by the poc. experimental is not. According to the report, this permits arbitrary code execution.

[0] http://seclists.org/fulldisclosure/2011/Feb/635

Archive: http://lists.debian.org/20110225162211.83a8d13a.michael.s.gilb...@gmail.com
Bug#600667: Fw: re: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
Note that a new CVE id (CVE-2011-0536) has been assigned for a vulnerability introduced by the patches for cve-2010-3847 [0]. It sounds like this affects the recent DSAs.

Please take a look at the code and figure out what needs to be done to resolve these three issues: CVE-2010-3847, CVE-2010-3856, CVE-2011-0536.

Thanks,
Mike

[0] http://www.openwall.com/lists/oss-security/2011/02/03/2

Archive: http://lists.debian.org/20110205142014.b0b6387e.michael.s.gilb...@gmail.com
Bug#600667: Fw: re: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
reopen 600667
thanks

Maybe I'm reading things wrong, or maybe Mitre's information is actually incorrect, but it looks like the fixes claimed for CVE-2010-3847 in 2.11.2-8 actually address CVE-2010-3856 [0] instead. It looks like CVE-2010-3847 [1] is still unfixed. The original fix in -7 may have been correct to begin with?

Best wishes,
Mike

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856
    http://sourceware.org/ml/libc-hacker/2010-10/msg00010.html
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
    http://sourceware.org/ml/libc-hacker/2010-10/msg7.html

Archive: http://lists.debian.org/20110201211953.751c3040.michael.s.gilb...@gmail.com
Bug#600667: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
On Thu, 21 Oct 2010 19:36:04 +0200, Aurelien Jarno wrote:
> On Mon, Oct 18, 2010 at 06:58:45PM -0400, Michael Gilbert wrote:
> > package: eglibc
> > version: 2.11.2-6
> > severity: grave
> > tag: patch
> >
> > an issue has been disclosed in eglibc. see:
> > http://seclists.org/fulldisclosure/2010/Oct/257
> >
> > patch available:
> > http://sourceware.org/ml/libc-hacker/2010-10/msg7.html
>
> I have just committed the fix, I am planning to do an upload soon to
> unstable. Do you think we should also fix it in stable? via a security
> release?

the exploitability of this issue is questionable, but i think it should be fixed in a DSA just to be safe (based on the precautionary principle).

thanks for working on the fix.

mike

Archive: http://lists.debian.org/20101021154359.2747ae58.michael.s.gilb...@gmail.com
Bug#600667: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
package: eglibc
version: 2.11.2-6
severity: grave
tag: patch

an issue has been disclosed in eglibc. see:
http://seclists.org/fulldisclosure/2010/Oct/257

patch available:
http://sourceware.org/ml/libc-hacker/2010-10/msg7.html

best wishes,
mike

Archive: http://lists.debian.org/20101018185845.cb4f8bfa.michael.s.gilb...@gmail.com
Bug#568488: eglibc: house of mind attack
package: eglibc
severity: important
tags: security

hi,

it has been disclosed that glibc 2.11 is vulnerable to a house of mind attack [0]. i have checked that 2.10 in unstable contains the vulnerable code.

mike

[0] http://em386.blogspot.com/2010/01/glibc-211-stops-house-of-mind.html
Bug#552518: libc6: ldd arbitrary code execution vulnerability
package: eglibc
version: 2.10.1-2
severity: important
tags: security

it has been disclosed that it is possible to execute arbitrary code via ldd. this is a pretty obscure attack vector since it requires the user to run ldd on an untrusted executable. while unlikely (since users using ldd should be reasonably intelligent), it is very much possible, so a fix should be made. see [0] for more details.

i don't think that this is severe enough to warrant a DSA. if you would like to fix the problem in the stable releases, please coordinate with the release team.

mike

[0] http://www.catonmat.net/blog/ldd-arbitrary-code-execution