glibc 2.23-0ubuntu11.2 source package in Ubuntu
Changelog
glibc (2.23-0ubuntu11.2) xenial-security; urgency=medium
* SECURITY UPDATE: Use-after-free in clntudp_call
- debian/patches/CVE-2017-12133.patch: avoid use-after-free read access
in sunrpc/Makefile, sunrpc/clnt_udp.c, sunrpc/tst-udp-error.c.
- CVE-2017-12133
* SECURITY UPDATE: overlap in SSE2-optimized memmove implementation
- debian/patches/CVE-2017-18269.patch: fixed branch conditions in
string/test-memmove.c,
sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S.
- CVE-2017-18269
* SECURITY UPDATE: integer overflow in posix_memalign
- debian/patches/CVE-2018-6485.patch: fix integer overflows in internal
memalign and malloc in malloc/Makefile, malloc/malloc.c,
malloc/tst-malloc-too-large.c.
- CVE-2018-6485
* SECURITY UPDATE: integer overflow in realpath
- debian/patches/any/CVE-2018-11236.patch: fix path length overflow in
realpath in stdlib/Makefile, stdlib/canonicalize.c,
stdlib/test-bz22786.c.
- CVE-2018-11236
* SECURITY UPDATE: buffer overflow in __mempcpy_avx512_no_vzeroupper
- debian/patches/any/CVE-2018-11237.patch: don't write beyond
destination in string/test-mempcpy.c,
sysdeps/x86_64/multiarch/memcpy-avx512-no-vzeroupper.S.
- CVE-2018-11237
* SECURITY UPDATE: heap over-read via regular-expression match
- debian/patches/any/CVE-2019-9169.patch: fix read overrun in
posix/regexec.c.
- CVE-2019-9169
* SECURITY UPDATE: ASLR bypass
- debian/patches/any/CVE-2019-19126.patch: check __libc_enable_secure
before honoring LD_PREFER_MAP_32BIT_EXEC in
sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h.
- CVE-2019-19126
* SECURITY UPDATE: out-of-bounds write on PowerPC
- debian/patches/any/CVE-2020-1751.patch: fix array overflow in
backtrace on PowerPC in debug/tst-backtrace5.c,
sysdeps/powerpc/powerpc32/backtrace.c,
sysdeps/powerpc/powerpc64/backtrace.c.
- CVE-2020-1751
* SECURITY UPDATE: use-after-free via tilde expansion
- debian/patches/any/CVE-2020-1752.patch: fix use-after-free in glob
when expanding ~user in posix/glob.c.
- CVE-2020-1752
* SECURITY UPDATE: stack overflow via 80-bit long double function
- debian/patches/any/CVE-2020-10029.patch: avoid ldbl-96 stack
corruption from range reduction of pseudo-zero in
sysdeps/ieee754/ldbl-96/e_rem_pio2l.c,
- CVE-2020-10029
-- Marc Deslauriers <email address hidden> Thu, 04 Jun 2020 13:56:35 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| glibc_2.23.orig.tar.xz | 13.2 MiB | bf6c528eeebefcacc295270068b79330c1fb2b22458ff66285b4175d23442c96 |
| glibc_2.23-0ubuntu11.2.debian.tar.xz | 1.3 MiB | 04ebe665c81c24481057a4facd6c07e9c43319f6a2dc98fce18ecd247d1af96d |
| glibc_2.23-0ubuntu11.2.dsc | 8.3 KiB | bf8f1067f5524046070f3cac025888651a99447cc789a0e5b9eafa97a3571f9c |
Available diffs
Binary packages built by this source
- glibc-doc: GNU C Library: Documentation
Contains man pages for libpthread functions and the complete GNU C Library
ChangeLog. The GNU C Library Reference manual has been moved into
glibc-doc-reference for licensing reasons.
- glibc-source: GNU C Library: sources
This package contains the sources and patches which are needed to
build glibc.
- libc-bin: GNU C Library: Binaries
This package contains utility programs related to the GNU C Library.
.
* catchsegv: catch segmentation faults in programs
* getconf: query system configuration variables
* getent: get entries from administrative databases
* iconv, iconvconfig: convert between character encodings
* ldd, ldconfig: print/configure shared library dependencies
* locale, localedef: show/generate locale definitions
* tzselect, zdump, zic: select/dump/compile time zones
- libc-bin-dbgsym: debug symbols for package libc-bin
This package contains utility programs related to the GNU C Library.
.
* catchsegv: catch segmentation faults in programs
* getconf: query system configuration variables
* getent: get entries from administrative databases
* iconv, iconvconfig: convert between character encodings
* ldd, ldconfig: print/configure shared library dependencies
* locale, localedef: show/generate locale definitions
* tzselect, zdump, zic: select/dump/compile time zones
- libc-dev-bin: GNU C Library: Development binaries
This package contains utility programs related to the GNU C Library
development package.
- libc-dev-bin-dbgsym: debug symbols for package libc-dev-bin
This package contains utility programs related to the GNU C Library
development package.
- libc6: GNU C Library: Shared libraries
Contains the standard libraries that are used by nearly all programs on
the system. This package includes shared versions of the standard C library
and the standard math library, as well as many others.
- libc6-amd64: GNU C Library: 64bit Shared libraries for AMD64
This package includes shared versions of the standard C library and the
standard math library, as well as many others. This is the 64bit version
of the library, meant for AMD64 systems.
- libc6-amd64-dbgsym: debug symbols for package libc6-amd64
This package includes shared versions of the standard C library and the
standard math library, as well as many others. This is the 64bit version
of the library, meant for AMD64 systems.
- libc6-armel: GNU C Library: ARM softfp shared libraries for armhf
This package includes shared versions of the standard C
library and the standard math library, as well as many others.
This is the ARM softfp version of the library, meant for armhf systems.
- libc6-armel-dbgsym: debug symbols for package libc6-armel
This package includes shared versions of the standard C
library and the standard math library, as well as many others.
This is the ARM softfp version of the library, meant for armhf systems.
- libc6-dbg: GNU C Library: detached debugging symbols
This package contains the detached debugging symbols for the GNU C
library.
- libc6-dbgsym: debug symbols for package libc6
Contains the standard libraries that are used by nearly all programs on
the system. This package includes shared versions of the standard C library
and the standard math library, as well as many others.
- libc6-dev: GNU C Library: Development Libraries and Header Files
Contains the symlinks, headers, and object files needed to compile
and link programs which use the standard C library.
- libc6-dev-amd64: GNU C Library: 64bit Development Libraries for AMD64
Contains the symlinks and object files needed to compile and link programs
which use the standard C library. This is the 64bit version of the
library, meant for AMD64 systems.
- libc6-dev-armel: GNU C Library: ARM softfp development libraries for armhf
Contains the symlinks and object files needed to compile and link programs
which use the standard C library. This is the ARM softfp version of the
library, meant for armhf systems.
- libc6-dev-i386: GNU C Library: 32-bit development libraries for AMD64
Contains the symlinks and object files needed to compile and link programs
which use the standard C library. This is the 32bit version of the
library, meant for AMD64 systems.
- libc6-dev-ppc64: GNU C Library: 64bit Development Libraries for PowerPC64
Contains the symlinks and object files needed to compile and link programs
which use the standard C library. This is the 64bit version of the
library, meant for PowerPC64 systems.
- libc6-dev-s390: GNU C Library: 32bit Development Libraries for IBM zSeries
Contains the symlinks and object files needed to compile and link programs
which use the standard C library. This is the 32bit version of the
library.
- libc6-dev-x32: GNU C Library: X32 ABI Development Libraries for AMD64
Contains the symlinks and object files needed to compile and link programs
which use the standard C library. This is the X32 ABI version of the
library, meant for amd64 systems.
- libc6-i386: GNU C Library: 32-bit shared libraries for AMD64
This package includes shared versions of the standard C
library and the standard math library, as well as many others.
This is the 32bit version of the library, meant for AMD64 systems.
- libc6-i386-dbgsym: debug symbols for package libc6-i386
This package includes shared versions of the standard C
library and the standard math library, as well as many others.
This is the 32bit version of the library, meant for AMD64 systems.
- libc6-pic: GNU C Library: PIC archive library
Contains an archive library (ar file) composed of individual shared objects.
This is used for creating a library which is a smaller subset of the
standard libc shared library. The reduced library is used by debian-installer
and may be useful for custom installation media and in embedded systems.
- libc6-ppc64: GNU C Library: 64bit Shared libraries for PowerPC64
This package includes shared versions of the standard C library and the
standard math library, as well as many others. This is the 64bit version
of the library, meant for PowerPC64 systems.
- libc6-ppc64-dbgsym: debug symbols for package libc6-ppc64
This package includes shared versions of the standard C library and the
standard math library, as well as many others. This is the 64bit version
of the library, meant for PowerPC64 systems.
- libc6-s390: GNU C Library: 32bit Shared libraries for IBM zSeries
This package includes shared versions of the standard C library and the
standard math library, as well as many others. This is the 32bit version
of the library.
- libc6-s390-dbgsym: debug symbols for package libc6-s390
This package includes shared versions of the standard C library and the
standard math library, as well as many others. This is the 32bit version
of the library.
- libc6-udeb: GNU C Library: Shared libraries - udeb
Contains the standard libraries that are used by nearly all programs on
the system. This package includes shared versions of the standard C library
and the standard math library, as well as many others.
.
This package contains a minimal set of libraries needed for the Debian
installer. Do not install it on a normal system.
- libc6-udeb-dbgsym: debug symbols for package libc6-udeb
Contains the standard libraries that are used by nearly all programs on
the system. This package includes shared versions of the standard C library
and the standard math library, as well as many others.
.
This package contains a minimal set of libraries needed for the Debian
installer. Do not install it on a normal system.
- libc6-x32: GNU C Library: X32 ABI Shared libraries for AMD64
This package includes shared versions of the standard C library and the
standard math library, as well as many others. This is the X32 ABI version
of the library, meant for AMD64 systems.
- libc6-x32-dbgsym: debug symbols for package libc6-x32
This package includes shared versions of the standard C library and the
standard math library, as well as many others. This is the X32 ABI version
of the library, meant for AMD64 systems.
- locales: GNU C Library: National Language (locale) data [support]
Machine-readable data files, shared objects and programs used by the
C library for localization (l10n) and internationalization (i18n) support.
.
This package contains tools to generate locale definitions from source
files (included in this package). It allows you to customize which
definitions actually get generated. This is a space-saver over how this
package used to be, with all locales generated by default. This created
a package that unpacked to an excess of 30 megs.
- locales-all: GNU C Library: Precompiled locale data
This package contains the precompiled locale data for all supported locales.
A better alternative is to install the locales package and only select
desired locales, but it can be useful on a low-memory machine because some
locale files take a lot of memory to be compiled.
- multiarch-support: Transitional package to ensure multiarch compatibility
This is a transitional package used to ensure multiarch support is present
in ld.so before unpacking libraries to the multiarch directories. It can
be removed once nothing on the system depends on it.
- nscd: GNU C Library: Name Service Cache Daemon
A daemon which handles passwd, group and host lookups
for running programs and caches the results for the next
query. You should install this package only if you use
slow services like LDAP, NIS or NIS+.
- nscd-dbgsym: debug symbols for package nscd
A daemon which handles passwd, group and host lookups
for running programs and caches the results for the next
query. You should install this package only if you use
slow services like LDAP, NIS or NIS+.
