** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1031301
Title:
Exploit for unpatched CVE reported in wild.
To manage notifications about this bug go to:
This bug was fixed in the package eglibc - 2.15-0ubuntu20
---
eglibc (2.15-0ubuntu20) quantal; urgency=low
* Backport fixes for dbl-64 and ldbl-128 issues (LP: #1000498)
* Backport another FMA support patch from glibc master branch.
eglibc (2.15-0ubuntu19) quantal-proposed;
CVE-2012-3406 still needs to be addressed in quantal, reopening for
that. Attached is a debdiff to do so.
** Changed in: eglibc (Ubuntu)
Status: Fix Released = In Progress
** Patch added: eglibc_2.15-0ubuntu19.debdiff
The attachment eglibc_2.15-0ubuntu19.debdiff of this bug report has
been identified as being a patch in the form of a debdiff. The ubuntu-
sponsors team has been subscribed to the bug report so that they can
review and hopefully sponsor the debdiff. In the event that this is in
fact not a patch
** Branch linked: lp:ubuntu/eglibc
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1031301
Title:
Exploit for unpatched CVE reported in wild.
To manage notifications about this bug go to:
** Changed in: eglibc (Ubuntu)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1031301
Title:
Exploit for unpatched CVE reported in wild.
To manage
This bug was fixed in the package eglibc - 2.11.1-0ubuntu7.11
---
eglibc (2.11.1-0ubuntu7.11) lucid-security; urgency=low
* SECURITY UPDATE: buffer overflow in vfprintf handling
- debian/patches/any/CVE-2012-3404.patch: Fix allocation when
handling positional parameters
This bug was fixed in the package glibc - 2.7-10ubuntu8.2
---
glibc (2.7-10ubuntu8.2) hardy-security; urgency=low
* SECURITY UPDATE: buffer overflow in vfprintf handling
- debian/patches/any/CVE-2012-3404.patch: Fix allocation when
handling positional parameters in
Has there been any developments on this? Do we know if the debian
patches are safe to simply roll into ubuntu?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1031301
Title:
Exploit for unpatched CVE
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3404
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3405
** CVE added: http://www.cve.mitre.org/cgi-
Apologies for setting this back as a security bug, i didnt see Marc set
it as a non-vulnerability (aka Public only bug). I've rectified my
mistake.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Oh, I made a mistake when setting it public, this is definitely a
security vulnerability.
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
12 matches
Mail list logo
