-
Committer:
Package Import Robot
-
Author(s):
Steve Beattie
-
Date:
2012-09-28 23:48:21 UTC
-
mfrom:
(42.1.4 lucid-security)
-
Revision ID:
package-import@ubuntu.com-20120928234821-pjhhpvxnpbk15cul
Tags: 2.11.1-0ubuntu7.11
* SECURITY UPDATE: buffer overflow in vfprintf handling
- debian/patches/any/CVE-2012-3404.patch: Fix allocation when
handling positional parameters in printf.
- CVE-2012-3404
* SECURITY UPDATE: buffer overflow in vfprintf handling
- debian/patches/any/CVE-2012-3405.patch: fix extension of array
- CVE-2012-3405
* SECURITY UPDATE: stack buffer overflow in vfprintf handling
(LP: #1031301)
- debian/patches/any/CVE-2012-3406.patch: switch to malloc when
array grows too large to handle via alloca extension
- CVE-2012-3406
* SECURITY UPDATE: stdlib strtod integer/buffer overflows
- debian/patches/any/CVE-2012-3480.patch: rearrange calculations
and modify types to void integer overflows
- CVE-2012-3480
* debian/patches/any/strtod_overflow_bug7066.patch: Fix array
overflow in floating point parser triggered by applying patch for
CVE-2012-3480
* debian/testsuite-checking/expected-results-x86_64-linux-gnu-libc,
debian/testsuite-checking/expected-results-i486-linux-gnu-libc,
debian/testsuite-checking/expected-results-i686-linux-gnu-i386,
debian/testsuite-checking/expected-results-i686-linux-gnu-i686,
debian/testsuite-checking/expected-results-i686-linux-gnu-xen,
debian/testsuite-checking/expected-results-sparc64-linux-gnu-sparc64:
update for pre-existing testsuite failures that prevents FTBFS
when the testsuite is enabled.