Several vulnerabilities have been fixed in eglibc, Debian's version of
the GNU C library:
CVE-2012-3406
The vfprintf function in stdio-common/vfprintfc in GNU C Library (aka
glibc) 25, 212, and probably other versions does not properly restrict
the use of the alloca function when allocating the SPECS array, which
allows context- ...
Synopsis
Moderate: rhev-hypervisor6 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An updated rhev-hypervisor6 package that fixes multiple security issues andvarious bugs is now availableThe Red Hat Security Response Team has rated this update as having moderatesecurity impact ...
Synopsis
Moderate: glibc security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
Updated glibc packages that fix one security issue and one bug are nowavailable for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact A Co ...
Synopsis
Moderate: glibc security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
Updated glibc packages that fix three security issues and one bug are nowavailable for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact C ...
USN-1589-1 exposed a regression in the GNU C Library floating point parser ...
Multiple security issues were fixed in the GNU C Library ...
Debian Bug report logs -
#681473
CVE-2012-3404 CVE-2012-3405
Package:
eglibc;
Maintainer for eglibc is (unknown);
Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde>
Date: Fri, 13 Jul 2012 13:42:15 UTC
Severity: important
Tags: security
Fixed in version eglibc/213-35
Done: Aurelien Jarno <aurel32@debianorg&g ...
Debian Bug report logs -
#777197
glibc: CVE-2015-1472 CVE-2015-1473
Package:
glibc;
Maintainer for glibc is GNU Libc Maintainers <debian-glibc@listsdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@inutilorg>
Date: Fri, 6 Feb 2015 07:51:02 UTC
Severity: grave
Tags: security
Fixed in versions glibc/219-15, eglibc ...
Debian Bug report logs -
#775572
glibc: CVE-2014-7817 CVE-2014-9402
Package:
src:glibc;
Maintainer for src:glibc is GNU Libc Maintainers <debian-glibc@listsdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Sat, 17 Jan 2015 14:42:02 UTC
Severity: important
Tags: security
Found in version glibc/219 ...
Debian Bug report logs -
#681888
CVE-2012-3406: glibc formatted printing vulnerabilities
Package:
src:glibc;
Maintainer for src:glibc is GNU Libc Maintainers <debian-glibc@listsdebianorg>;
Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde>
Date: Fri, 13 Jul 2012 13:42:15 UTC
Severity: important
Tags: secur ...
Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort ...