glibc (2.23-0ubuntu11.3) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via regular expression
- debian/patches/CVE-2009-5155.patch: diagnose invalid back-reference
in posix/regcomp.c, remove invalid test in posix/PCRE.tests.
- CVE-2009-5155
* SECURITY UPDATE: signed comparison vulnerability exists in ARM memcpy
- debian/patches/CVE-2020-6096-1.patch: fix multiarch memcpy for
negative length in sysdeps/arm/armv7/multiarch/memcpy_impl.S.
- debian/patches/CVE-2020-6096-2.patch: fix memcpy and memmove for
negative length in sysdeps/arm/memcpy.S, sysdeps/arm/memmove.S.
- CVE-2020-6096
Date: 2021-04-21 17:21:09.688651+00:00
Changed-By: Marc Deslauriers <[email protected]>
Signed-By: Ubuntu Archive Robot <[email protected]>
https://launchpad.net/ubuntu/+source/glibc/2.23-0ubuntu11.3
Sorry, changesfile not available.
--
Xenial-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
