Format: 1.8 Date: Thu, 04 Jun 2020 13:19:08 -0400 Source: glibc Binary: libc-bin libc-dev-bin libc6 libc6-amd64 libc6-dbg libc6-dev libc6-dev-amd64 libc6-dev-x32 libc6-pic libc6-udeb libc6-x32 locales-all nscd Architecture: i386_translations i386 Version: 2.30-0ubuntu2.2 Distribution: eoan Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libc-bin - GNU C Library: Binaries libc-dev-bin - GNU C Library: Development binaries libc6 - GNU C Library: Shared libraries libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64 libc6-dbg - GNU C Library: detached debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64 libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64 libc6-pic - GNU C Library: PIC archive library libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) libc6-x32 - GNU C Library: X32 ABI Shared libraries for AMD64 locales-all - GNU C Library: Precompiled locale data nscd - GNU C Library: Name Service Cache Daemon Changes: glibc (2.30-0ubuntu2.2) eoan-security; urgency=medium . * SECURITY UPDATE: ASLR bypass - debian/patches/any/CVE-2019-19126.patch: check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC in sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h. - CVE-2019-19126 * SECURITY UPDATE: out-of-bounds write on PowerPC - debian/patches/any/CVE-2020-1751.patch: fix array overflow in backtrace on PowerPC in debug/tst-backtrace5.c, sysdeps/powerpc/powerpc32/backtrace.c, sysdeps/powerpc/powerpc64/backtrace.c. - CVE-2020-1751 * SECURITY UPDATE: use-after-free via tilde expansion - debian/patches/any/CVE-2020-1752.patch: fix use-after-free in glob when expanding ~user in posix/glob.c. - CVE-2020-1752 * SECURITY UPDATE: stack overflow via 80-bit long double function - debian/patches/any/CVE-2020-10029-1.patch: avoid ldbl-96 stack corruption from range reduction of pseudo-zero in sysdeps/ieee754/ldbl-96/Makefile, sysdeps/ieee754/ldbl-96/e_rem_pio2l.c, sysdeps/ieee754/ldbl-96/test-sinl-pseudo.c. - debian/patches/any/CVE-2020-10029-2.patch: use stack protector only if available in sysdeps/ieee754/ldbl-96/Makefile. - CVE-2020-10029 Checksums-Sha1: f2f4999885065bf10c2594e6d941ccfd6b5065ae 12463 glibc_2.30-0ubuntu2.2_i386.buildinfo 7778e5ce79f01a4267cc2f3f8e086ee8844e2d87 2225685 glibc_2.30-0ubuntu2.2_i386_translations.tar.gz cf3fa53d85881a1421504fd27e5773a5a5a0878f 2525520 libc-bin-dbgsym_2.30-0ubuntu2.2_i386.ddeb a39988952c9eef44625ea3cac74a285d38cef9dd 590900 libc-bin_2.30-0ubuntu2.2_i386.deb 1b8017c0ffb81f42c1698a4399eda59c80118413 137328 libc-dev-bin-dbgsym_2.30-0ubuntu2.2_i386.ddeb d20903ce3f984fb0f8c035a40f75eb5f80368f51 72640 libc-dev-bin_2.30-0ubuntu2.2_i386.deb f78ee9ed377c7593c596e7862bce5817dbfe4fe8 10825908 libc6-amd64-dbgsym_2.30-0ubuntu2.2_i386.ddeb 01f8239a838f1136264ddf92aac01426f0a16309 2810788 libc6-amd64_2.30-0ubuntu2.2_i386.deb 9c56f7f2da0fedc2fa88dbcf59118e167982f988 5010952 libc6-dbg_2.30-0ubuntu2.2_i386.deb cc407489103897b3a892a6b7d2c7db3f77f85b46 2046160 libc6-dev-amd64_2.30-0ubuntu2.2_i386.deb cbb24f7ddad5c6a7b8c2c3799156cacd24a2db8a 2005900 libc6-dev-x32_2.30-0ubuntu2.2_i386.deb e176b500a961048ee7897d27b829cc295d25deab 2339628 libc6-dev_2.30-0ubuntu2.2_i386.deb aadc910169d8befca73809dace3548dc5e346ae4 1437804 libc6-pic_2.30-0ubuntu2.2_i386.deb a42c820a776da21efdc1a63d2ee06636a7ce9909 1210472 libc6-udeb_2.30-0ubuntu2.2_i386.udeb 291b643b7a047b826768c90e92201cb2b89fc2f0 10610064 libc6-x32-dbgsym_2.30-0ubuntu2.2_i386.ddeb 81a11db106ad057d3ff9744f4452943fac8905ae 2794092 libc6-x32_2.30-0ubuntu2.2_i386.deb 793f2eb6cfd4722ee3035b426febeea69a161a05 2581600 libc6_2.30-0ubuntu2.2_i386.deb 6a53d54f2a125b17f4df361055fe8b17eb9d7886 10525496 locales-all_2.30-0ubuntu2.2_i386.deb 9124aa3655c5e2aa16a447c0e7d9314989b22493 306108 nscd-dbgsym_2.30-0ubuntu2.2_i386.ddeb a93ca5974b451448ae56926abe95af712a23f964 75056 nscd_2.30-0ubuntu2.2_i386.deb Checksums-Sha256: 0216ea937e3e0a3fd9309fc1ca9e6ed5c43fe3b14e374d313e368b2c888283f1 12463 glibc_2.30-0ubuntu2.2_i386.buildinfo 2770c574569e96352af6d947d6b1176b232d0613fc0c26ddf84c523d67bfafb4 2225685 glibc_2.30-0ubuntu2.2_i386_translations.tar.gz 5f0b7e0c8f85acd911bd10cef0fabf405928514ff249936cb150e76f00463a03 2525520 libc-bin-dbgsym_2.30-0ubuntu2.2_i386.ddeb 35e485eccf78ca84a04b538a26976564654fd53dceec04416372c7cdfd3f7170 590900 libc-bin_2.30-0ubuntu2.2_i386.deb f9933ad918207f8cc9287d960373101a54402b17d95d7d42d23568d51cae24af 137328 libc-dev-bin-dbgsym_2.30-0ubuntu2.2_i386.ddeb 60d6e5be3ed82fc9d63056a4b6f6d50f58e702c79bbf31103638605db742016b 72640 libc-dev-bin_2.30-0ubuntu2.2_i386.deb be9fb29ab99f62a78698508cd934780a59fcf7b163a23c321a89c1035aa697df 10825908 libc6-amd64-dbgsym_2.30-0ubuntu2.2_i386.ddeb 34f43895e20b0272e9822a0fae6e82b4a33e135c89f2aacd468402a7096783b5 2810788 libc6-amd64_2.30-0ubuntu2.2_i386.deb 5f287f7cebcacda6ce503056ce128342051ed80d1f5c4a1efe9db56f2034dafb 5010952 libc6-dbg_2.30-0ubuntu2.2_i386.deb 99fc573a3579eebbbe6222ce586a9de22e301f71522919255b43791d3cec8b12 2046160 libc6-dev-amd64_2.30-0ubuntu2.2_i386.deb 792f1f7dc8303f8b23290874449a2305f0db8c4287753580f936f03b74000e1a 2005900 libc6-dev-x32_2.30-0ubuntu2.2_i386.deb 7f8f24f81c5659cb4775709a6ba8fb3466f895df6c3170f93f32c7574fedd8d5 2339628 libc6-dev_2.30-0ubuntu2.2_i386.deb d4cffbf9ed8f1ee359ad402c8fe36bfb1f32eb5b42d085594fc78354002797cb 1437804 libc6-pic_2.30-0ubuntu2.2_i386.deb feeb7e1a4fdb13a57ad50b8b4250a47727ba2789fef33ffd1f03cc407a3b243d 1210472 libc6-udeb_2.30-0ubuntu2.2_i386.udeb b24b6f83ec8d2d8641c7d93ae071381d76416106d6dbf68ba59366da4f0e58a4 10610064 libc6-x32-dbgsym_2.30-0ubuntu2.2_i386.ddeb c772a1d913aa6ab4318e0de5fd400f8854fa2a3989ee0f17cdeb5916957db44b 2794092 libc6-x32_2.30-0ubuntu2.2_i386.deb 40934a37b30e5b53d5dd155ed87ac5272926b9f9db32c4ee2bd125eb89366936 2581600 libc6_2.30-0ubuntu2.2_i386.deb c61ce2b619fe51773b226f85f9613b3ab4074ab8cfd860dd7aabd4c7040ae209 10525496 locales-all_2.30-0ubuntu2.2_i386.deb ec0132e862bc2e333ed8b6b2b093ee92015ecd56c63ef4ac067745e1e57ef56c 306108 nscd-dbgsym_2.30-0ubuntu2.2_i386.ddeb 180e758a4f1d4ceae883cbc6a91532927ee3f4b47cdc4a507d522388c24ae271 75056 nscd_2.30-0ubuntu2.2_i386.deb Files: 3a1950eedffca7d616666f21cc8222f6 12463 libs required glibc_2.30-0ubuntu2.2_i386.buildinfo 95f3e1d3c9749044ed2d68782cb5174a 2225685 raw-translations - glibc_2.30-0ubuntu2.2_i386_translations.tar.gz b5d9afad30218103c81f7eff85813cf8 2525520 debug optional libc-bin-dbgsym_2.30-0ubuntu2.2_i386.ddeb 95f015fb9464d99c80a092aaca8b0af1 590900 libs required libc-bin_2.30-0ubuntu2.2_i386.deb fb89144e992a465ca55049bbe164e13f 137328 debug optional libc-dev-bin-dbgsym_2.30-0ubuntu2.2_i386.ddeb 1a79cee4f8ddfa1608da5a5059f1aef0 72640 libdevel optional libc-dev-bin_2.30-0ubuntu2.2_i386.deb 5d460be48b621ab526ac3d630e33ec36 10825908 debug optional libc6-amd64-dbgsym_2.30-0ubuntu2.2_i386.ddeb fe94fe28f23aa787d713df27e5130bb9 2810788 libs optional libc6-amd64_2.30-0ubuntu2.2_i386.deb 55c6572e8c9035b75ed4d90e9d1c3e25 5010952 debug optional libc6-dbg_2.30-0ubuntu2.2_i386.deb c778091b06e480bffaf30369997fae48 2046160 libdevel optional libc6-dev-amd64_2.30-0ubuntu2.2_i386.deb c1dce540c26b0d2a9b0de618d1731408 2005900 libdevel optional libc6-dev-x32_2.30-0ubuntu2.2_i386.deb c9d0390f89ab9292cd869938d72b8c41 2339628 libdevel optional libc6-dev_2.30-0ubuntu2.2_i386.deb d1d28b63e92d3a7a5fc27faf3ec900cb 1437804 libdevel optional libc6-pic_2.30-0ubuntu2.2_i386.deb e50635a22a9e959dd19d9d721efdd1b4 1210472 debian-installer optional libc6-udeb_2.30-0ubuntu2.2_i386.udeb 1c4a24a64f95fa99937fa2bcec4d408a 10610064 debug optional libc6-x32-dbgsym_2.30-0ubuntu2.2_i386.ddeb 3ce88642453a510610202f7f3d76e117 2794092 libs optional libc6-x32_2.30-0ubuntu2.2_i386.deb fdd25a4ba2e5f31a49de4090cdfae2c4 2581600 libs optional libc6_2.30-0ubuntu2.2_i386.deb 3f8976b1077bdf45d87bbe74cad24825 10525496 localization optional locales-all_2.30-0ubuntu2.2_i386.deb d5de788c78a75abe72b365957ec7fda5 306108 debug optional nscd-dbgsym_2.30-0ubuntu2.2_i386.ddeb 8c863ba562089f902aaed83a272b1781 75056 admin optional nscd_2.30-0ubuntu2.2_i386.deb Original-Maintainer: GNU Libc Maintainers