Synopsis
Low: glibc security and bug fix update
Type/Severity
Security Advisory: Low
Topic
Updated glibc packages that fix two security issues and two bugs are nowavailable for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having lowsecurity impact Common Vulnerabil ...
Synopsis
Moderate: glibc security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
Updated glibc packages that fix three security issues, several bugs, andadd various enhancements are now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated th ...
Several security issues were fixed in the GNU C Library ...
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions (pvalloc, valloc, and memalign) If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2013-4332)
A ...
Debian Bug report logs -
#704623
eglibc: CVE-2013-1914: getaddrinfo() stack overflow
Package:
eglibc;
Maintainer for eglibc is (unknown);
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 3 Apr 2013 17:45:02 UTC
Severity: important
Tags: patch, security, upstream
Found in versions 2113-1, 213-38, 2113 ...
Debian Bug report logs -
#699399
[CVE-2013-0242] glibc: DoS due to a buffer overrun in regexp matcher by processing multibyte characters
Package:
eglibc;
Maintainer for eglibc is (unknown);
Reported by: Luciano Bello <luciano@debianorg>
Date: Wed, 30 Jan 2013 23:39:02 UTC
Severity: important
Tags: patch, security
Found i ...
Debian Bug report logs -
#689423
eglibc: CVE-2012-4424: stack overflow in strcoll()
Package:
eglibc;
Maintainer for eglibc is (unknown);
Reported by: Moritz Muehlenhoff <jmm@inutilorg>
Date: Tue, 2 Oct 2012 13:12:01 UTC
Severity: important
Tags: patch, security
Found in versions eglibc/2113-4, eglibc/217-93
Fixed in ...
Debian Bug report logs -
#717178
CVE-2013-4788: PTR_MANGLE ineffective for statically linked binaries
Package:
eglibc;
Maintainer for eglibc is (unknown);
Reported by: Moritz Muehlenhoff <jmm@inutilorg>
Date: Wed, 17 Jul 2013 14:24:01 UTC
Severity: important
Tags: security
Found in versions eglibc/2113-4, eglibc/217-9 ...
Debian Bug report logs -
#722536
eglibc: CVE-2013-4332
Package:
eglibc;
Maintainer for eglibc is (unknown);
Reported by: Moritz Muehlenhoff <jmm@inutilorg>
Date: Thu, 12 Sep 2013 05:27:02 UTC
Severity: grave
Tags: patch, security
Fixed in versions eglibc/217-93, eglibc/213-38+deb7u1
Done: Aurelien Jarno <aurel32@de ...
Debian Bug report logs -
#719558
eglibc: CVE-2013-4237
Package:
eglibc;
Maintainer for eglibc is (unknown);
Reported by: Moritz Muehlenhoff <jmm@inutilorg>
Date: Tue, 13 Aug 2013 05:15:02 UTC
Severity: important
Tags: security
Found in versions eglibc/2113-4, eglibc/217-93
Fixed in versions eglibc/217-94, eglibc/213 ...
Debian Bug report logs -
#727181
eglibc: CVE-2013-4458: Stack (frame) overflow in getaddrinfo() when called with AF_INET6
Package:
eglibc;
Maintainer for eglibc is (unknown);
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 23 Oct 2013 04:54:01 UTC
Severity: important
Tags: security, upstream
Fixed in vers ...
Debian Bug report logs -
#687530
eglibc: CVE-2012-4412: strcoll integer / buffer overflow
Package:
eglibc;
Maintainer for eglibc is (unknown);
Reported by: Moritz Muehlenhoff <jmm@inutilorg>
Date: Thu, 13 Sep 2012 14:21:01 UTC
Severity: important
Tags: patch, security
Found in versions eglibc/2113-4, eglibc/217-93
Fix ...
It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash ...