Bug#742925: Re: Bug#742925: eglibc: CVE-2013-4357
Hi, Could you please help here. -Thanks and Regards, Deepak Kumar From: Deepak Kumar Sent: Wednesday, November 05, 2014 11:41 AM To: '742...@bugs.debian.org'; 'car...@systemhalted.org'; 'mgilb...@debian.org'; 'sub...@bugs.debian.org' Cc: Shobhit Shingla Subject: Re: Bug#742925: eglibc: CVE-2013-4357 Hi All, Could anyone please help, with the vulnerability ID, CVE-2013-4357. Could you please help with the description of the vulnerability as in what is the applicability of the vulnerability, and The patch for the vulnerability. Which of the below mentioned patch is applicable for vulnerability. Thanks in advance for your support. -Thanks and Regards, Deepak Kumar On Sat, 29 Mar 2014 02:54:29 -0400 Carlos O'Donell car...@systemhalted.orgmailto:car...@systemhalted.org wrote: Related commits the fix the CVE: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f2962a71959fd254a7a223437ca4b63b9e81130c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=34a9094f49241ebb72084c536cf468fd51ebe3ec On Fri, Mar 28, 2014 at 9:21 PM, Michael Gilbert mgilb...@debian.orgmailto:mgilb...@debian.org wrote: package: src:eglibc severity: important version: 2.11.3-4 A stack overflow issue was reported in eglibc: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4357 Best wishes, Mike -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.orgmailto:debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.orgmailto:listmas...@lists.debian.org Archive: https://lists.debian.org/CANTw=MP=0e4c4es-0frtkujw9qmdpcsxp0xjpxdww9nmcag...@mail.gmail.com DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus.
Bug#742925: Re: Bug#742925: eglibc: CVE-2013-4357
Glibc Pakage :- 2.3.6.tar.bz2 From: Deepak Kumar Sent: Wednesday, November 12, 2014 2:47 PM To: Deepak Kumar; '742...@bugs.debian.org'; 'car...@systemhalted.org'; 'mgilb...@debian.org'; 'sub...@bugs.debian.org' Cc: Shobhit Shingla Subject: RE: Re: Bug#742925: eglibc: CVE-2013-4357 Hi, Could you please help here. -Thanks and Regards, Deepak Kumar From: Deepak Kumar Sent: Wednesday, November 05, 2014 11:41 AM To: '742...@bugs.debian.org'; 'car...@systemhalted.org'; 'mgilb...@debian.org'; 'sub...@bugs.debian.org' Cc: Shobhit Shingla Subject: Re: Bug#742925: eglibc: CVE-2013-4357 Hi All, Could anyone please help, with the vulnerability ID, CVE-2013-4357. Could you please help with the description of the vulnerability as in what is the applicability of the vulnerability, and The patch for the vulnerability. Which of the below mentioned patch is applicable for vulnerability. Thanks in advance for your support. -Thanks and Regards, Deepak Kumar On Sat, 29 Mar 2014 02:54:29 -0400 Carlos O'Donell car...@systemhalted.orgmailto:car...@systemhalted.org wrote: Related commits the fix the CVE: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f2962a71959fd254a7a223437ca4b63b9e81130c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=34a9094f49241ebb72084c536cf468fd51ebe3ec On Fri, Mar 28, 2014 at 9:21 PM, Michael Gilbert mgilb...@debian.orgmailto:mgilb...@debian.org wrote: package: src:eglibc severity: important version: 2.11.3-4 A stack overflow issue was reported in eglibc: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4357 Best wishes, Mike -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.orgmailto:debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.orgmailto:listmas...@lists.debian.org Archive: https://lists.debian.org/CANTw=MP=0e4c4es-0frtkujw9qmdpcsxp0xjpxdww9nmcag...@mail.gmail.com DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus.
Bug#742925: Re: Bug#742925: eglibc: CVE-2013-4357
On Wed, Nov 12, 2014 at 09:35:37AM +, Deepak Kumar wrote: Hi All, Could anyone please help, with the vulnerability ID, CVE-2013-4357. Could you please help with the description of the vulnerability as in what is the applicability of the vulnerability, and The patch for the vulnerability. The description is available there: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4357 https://sourceware.org/bugzilla/show_bug.cgi?id=12671 Which of the below mentioned patch is applicable for vulnerability. The patches to fix the issue are available there: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f2962a71959fd254a7a223437ca4b63b9e81130c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=34a9094f49241ebb72084c536cf468fd51ebe3ec Aurelien -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.net -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141112170812.gh...@hall.aurel32.net
Bug#742925: Re: Bug#742925: eglibc: CVE-2013-4357
Hi Aurelien, Thanks for the help. Actually I have to apply the patch on glibc2.3.6 version. You have mentioned two patch links. Are both needed to be applied for this vulnerability? -Thanks and Regards, Deepak Kumar -Original Message- From: Aurelien Jarno [mailto:aurel...@aurel32.net] Sent: Wednesday, November 12, 2014 10:38 PM To: Deepak Kumar Cc: car...@systemhalted.org; mgilb...@debian.org; sub...@bugs.debian.org Subject: Re: Bug#742925: Re: Bug#742925: eglibc: CVE-2013-4357 On Wed, Nov 12, 2014 at 09:35:37AM +, Deepak Kumar wrote: Hi All, Could anyone please help, with the vulnerability ID, CVE-2013-4357. Could you please help with the description of the vulnerability as in what is the applicability of the vulnerability, and The patch for the vulnerability. The description is available there: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4357 https://sourceware.org/bugzilla/show_bug.cgi?id=12671 Which of the below mentioned patch is applicable for vulnerability. The patches to fix the issue are available there: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f2962a71959fd254a7a223437ca4b63b9e81130c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=34a9094f49241ebb72084c536cf468fd51ebe3ec Aurelien -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.net DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus. -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/f196c5cdcf2e4d5cb1484290b4561...@gurmbxv02.ad.aricent.com
Bug#742925: eglibc: CVE-2013-4357
Hi All, Could anyone please help, with the vulnerability ID, CVE-2013-4357. Could you please help with the description of the vulnerability as in what is the applicability of the vulnerability, and The patch for the vulnerability. Which of the below mentioned patch is applicable for vulnerability. Thanks in advance for your support. -Thanks and Regards, Deepak Kumar On Sat, 29 Mar 2014 02:54:29 -0400 Carlos O'Donell car...@systemhalted.org wrote: Related commits the fix the CVE: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f2962a71959fd254a7a223437ca4b63b9e81130c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=34a9094f49241ebb72084c536cf468fd51ebe3ec On Fri, Mar 28, 2014 at 9:21 PM, Michael Gilbert mgilb...@debian.org wrote: package: src:eglibc severity: important version: 2.11.3-4 A stack overflow issue was reported in eglibc: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4357 Best wishes, Mike -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CANTw=MP=0e4c4es-0frtkujw9qmdpcsxp0xjpxdww9nmcag...@mail.gmail.com DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus.
Bug#742925: eglibc: CVE-2013-4357
Related commits the fix the CVE: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f2962a71959fd254a7a223437ca4b63b9e81130c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=34a9094f49241ebb72084c536cf468fd51ebe3ec On Fri, Mar 28, 2014 at 9:21 PM, Michael Gilbert mgilb...@debian.org wrote: package: src:eglibc severity: important version: 2.11.3-4 A stack overflow issue was reported in eglibc: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4357 Best wishes, Mike -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CANTw=MP=0e4c4es-0frtkujw9qmdpcsxp0xjpxdww9nmcag...@mail.gmail.com -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAE2sS1gm1L1CA8LVXGqiwrWOcu6kLri1SP4ckmdVji=plnt...@mail.gmail.com
Bug#742925: eglibc: CVE-2013-4357
package: src:eglibc severity: important version: 2.11.3-4 A stack overflow issue was reported in eglibc: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4357 Best wishes, Mike -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CANTw=MP=0e4c4es-0frtkujw9qmdpcsxp0xjpxdww9nmcag...@mail.gmail.com