-
Committer:
Package Import Robot
-
Author(s):
Steve Beattie
-
Date:
2012-03-06 11:28:06 UTC
-
mfrom:
(55.1.3 maverick-proposed)
-
Revision ID:
package-import@ubuntu.com-20120306112806-r6qddiso6gx8rr29
Tags: 2.13-20ubuntu5.1
* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
- debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
TZ file header
- CVE-2009-5029
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
RPATHs with $ORIGIN
- debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
RPATH and ORIGIN
- CVE-2011-1658
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
- debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
many open fds is detected
- CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
check bypass
- debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
overflow
- CVE-2012-0864