glibc CVE-2016-20013
Currently Ubuntu's page for this CVE https:/
From https:/
"libcrypt has been removed from the GNU C Library. The configure
options "--enable-crypt" and "--enable-
available. <crypt.h>, libcrypt.a, and libcrypt.so.1 will not be
installed. For now <unistd.h> continues to declare the crypt
function by default, to avoid introducing vulnerabilities into
existing applications due to a missing prototype. This declaration
is deprecated and may be removed in a future glibc release.
The replacement for libcrypt is libxcrypt, maintained separately from
GNU libc, but available under compatible licensing terms, and providing
binary backward compatibility with the former libcrypt. It is currently
distributed from <https:/
Could the Ubuntu CVE tracker be updated to show glibc is not vulnerable in 24.04 and later, and reassign the CVE to libxcrypt?
Question information
- Language:
- English Edit question
- Status:
- Expired
- For:
- Ubuntu Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply: