libiberty 20160215-1ubuntu0.2 source package in Ubuntu

Changelog

libiberty (20160215-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: integer overflow in string_appends
    - debian/patches/CVE-2016-2226.patch: check for overflow in
      libiberty/cplus-dem.c.
    - CVE-2016-2226
  * SECURITY UPDATE: use-after-free vulberabilities
    - debian/patches/CVE-2016-4487_4488.patch: set bsize and ksize in
      libiberty/cplus-dem.c, added test to
      libiberty/testsuite/demangle-expected.
    - CVE-2016-4487
    - CVE-2016-4488
  * SECURITY UPDATE: integer overflow in gnu_special
    - debian/patches/CVE-2016-4489.patch: handle case where consume_count
      returns -1 in libiberty/cplus-dem.c.
    - CVE-2016-4489
  * SECURITY UPDATE: integer overflow after sanity checks
    - debian/patches/CVE-2016-4490.patch: parse numbers as integer instead
      of long in libiberty/cp-demangle.c, added test to
      libiberty/testsuite/demangle-expected.
    - CVE-2016-4490
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2016-4491-1.patch: limit recursion in
      include/demangle.h, libiberty/cp-demangle.c, libiberty/cp-demint.c,
      added test to libiberty/testsuite/demangle-expected.
    - debian/patches/CVE-2016-4491-2.patch: limit more recursion in
      libiberty/cp-demangle.c.
    - debian/patches/CVE-2016-4491-3.patch: initialize d_printing in
      libiberty/cp-demangle.c.
    - CVE-2016-4491
  * SECURITY UPDATE: buffer overflow in do_type
    - debian/patches/CVE-2016-4492_4493.patch: properly handle large values
      and overflow in libiberty/cplus-dem.c, added test to
      libiberty/testsuite/demangle-expected.
    - CVE-2016-4492
    - CVE-2016-4493
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2016-6131.patch: prevent infinite recursion in
      libiberty/cplus-dem.c, added test to
      libiberty/testsuite/demangle-expected.
    - CVE-2016-6131

 -- Marc Deslauriers <email address hidden>  Mon, 12 Jun 2017 12:43:14 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libdevel
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libiberty_20160215.orig.tar.xz 1.0 MiB 0a1604df747a20f3c3a31bb44395aeb133a7bc6daf15c82a719b4833ad53af57
libiberty_20160215-1ubuntu0.2.debian.tar.xz 14.2 KiB ccd8782e6454230ae78bec35e75357205c8ee7ecb274f601c5a72d9a9fb06fe8
libiberty_20160215-1ubuntu0.2.dsc 1.9 KiB 8bc6338f98aa54238cf3d2bede47b287e56a761bc10e33b7236f50b7bbe999e2

View changes file

Binary packages built by this source

libiberty-dev: library of utility functions used by GNU programs

 The libib library is a collection of subroutines used by various
 GNU programs, which are missing or broken on some systems.
 .
 This library shouldn't be used by other software, but unfortunately
 already is. There is no guaranty for a stable library API, and no
 shared library is provided.