The glob function in glob.c in the GNU C Library (aka glibc or libc6) prior to 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
Synopsis
Moderate: glibc security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for glibc is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis
Moderate: glibc security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System ...
Debian Bug report logs - #879501
CVE-2017-15670
Package: libc6;
Maintainer for libc6 is GNU Libc Maintainers <debian-glibc@lists.debian.org>; Source for libc6 is src:glibc (PTS, buildd, popcon)
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Sun, 22 Oct 2017 10:51:02 UTC
Severity: important
Tags: fixed-upstre ...
Debian Bug report logs - #879500
CVE-2017-15671
Package: libc6;
Maintainer for libc6 is GNU Libc Maintainers <debian-glibc@lists.debian.org>; Source for libc6 is src:glibc (PTS, buildd, popcon)
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Sun, 22 Oct 2017 10:45:06 UTC
Severity: important
Tags: fixed-upstre ...
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. (CVE-2018-11236)
The GNU C Library (aka glibc or lib ...
Fragmentation attacks possible when EDNS0 is enabled: The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. (CVE-2017-12132)
Buffer overflow in glob with GLOB_TI ...
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator ...
Frequently Asked Questions
As stewards of the official images and maintainers of many images ourselves, we often see a lot of questions that surface repeatedly. This repository is an attempt to gather some of those and provide some answers!
Table of Contents
General Questions
What do you mean by "Official"?
An image