Synopsis
Moderate: glibc security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for glibc is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis
Moderate: glibc security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System ...
Several security issues were fixed in the GNU C library ...
Debian Bug report logs -
#879501
CVE-2017-15670
Package:
libc6;
Maintainer for libc6 is GNU Libc Maintainers <debian-glibc@lists.debian.org>; Source for libc6 is src:glibc
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Sun, 22 Oct 2017 10:51:02 UTC
Severity: important
Tags: fixed-upstre ...
Debian Bug report logs -
#879955
glibc: CVE-2017-15804
Package:
src:glibc;
Maintainer for src:glibc is GNU Libc Maintainers <debian-glibc@lists.debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 27 Oct 2017 16:09:02 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstream
Fo ...
Debian Bug report logs -
#879500
CVE-2017-15671
Package:
libc6;
Maintainer for libc6 is GNU Libc Maintainers <debian-glibc@lists.debian.org>; Source for libc6 is src:glibc
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Sun, 22 Oct 2017 10:45:06 UTC
Severity: important
Tags: fixed-upstre ...
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution (CVE-2018-11236).
The GNU C Library (aka glibc or lib ...
Fragmentation attacks possible when EDNS0 is enabled. The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation (CVE-2017-12132).
Buffer overflow in glob with GLOB_TI ...
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string ...