Publishing details

Published on 2022-03-01
Copied from ubuntu bionic in PPA for Ubuntu Security Proposed by Marc Deslauriers

Changelog

glibc (2.27-3ubuntu1.5) bionic-security; urgency=medium

  * SECURITY UPDATE: infinite loop in iconv
    - debian/patches/any/CVE-2016-10228-pre1.patch: add xsetlocale function
      in support/Makefile, support/support.h, support/xsetlocale.c.
    - debian/patches/any/CVE-2016-10228-1.patch: rewrite iconv option
      parsing in iconv/Makefile, iconv/Versions, iconv/gconv_charset.c,
      iconv/gconv_charset.h, iconv/gconv_int.h, iconv/gconv_open.c,
      iconv/iconv_open.c, iconv/iconv_prog.c, iconv/tst-iconv-opt.c,
      iconv/tst-iconv_prog.sh, intl/dcigettext.c.
    - debian/patches/any/CVE-2016-10228-2.patch: handle translation output
      codesets with suffixes in iconv/Versions, iconv/gconv_charset.c,
      iconv/gconv_charset.h, iconv/gconv_int.h, iconv/iconv_open.c,
      iconv/iconv_prog.c, intl/dcigettext.c, intl/tst-codeset.c.
    - CVE-2016-10228
  * SECURITY UPDATE: buffer over-read in iconv
    - debian/patches/any/CVE-2019-25013.patch: fix buffer overrun in EUC-KR
      conversion module in iconvdata/bug-iconv13.c, iconvdata/euc-kr.c,
      iconvdata/ksc5601.h.
    - CVE-2019-25013
  * SECURITY UPDATE: another infinite loop in iconv
    - debian/patches/any/CVE-2020-27618.patch: fix issue in
      iconvdata/ibm1364.c.
    - CVE-2020-27618
  * SECURITY UPDATE: DoS via assert in iconv
    - debian/patches/any/CVE-2020-29562.patch: fix incorrect UCS4 inner
      loop bounds in iconv/Makefile, iconv/gconv_simple.c,
      iconv/tst-iconv8.c.
    - CVE-2020-29562
  * SECURITY UPDATE: signed comparison issue in ARMv7 memcpy
    - debian/patches/any/CVE-2020-6096-3.patch: fix memcpy and memmove for
      negative length  in sysdeps/arm/memcpy.S, sysdeps/arm/memmove.S.
    - debian/patches/any/CVE-2020-6096-4.patch: fix multiarch memcpy for
      negative length in sysdeps/arm/armv7/multiarch/memcpy_impl.S.
    - CVE-2020-6096
  * SECURITY UPDATE: assertion fail in iconv
    - debian/patches/any/CVE-2021-3326.patch: fix assertion failure in
      ISO-2022-JP-3 module in iconvdata/Makefile, iconvdata/bug-iconv14.c,
      iconvdata/iso-2022-jp-3.c.
    - CVE-2021-3326
  * SECURITY UPDATE: overflow in wordexp via crafted pattern
    - debian/patches/any/CVE-2021-35942.patch: handle overflow in
      positional parameter number in posix/wordexp-test.c, posix/wordexp.c.
    - CVE-2021-35942
  * SECURITY UPDATE: Off-by-one buffer overflow/underflow in getcwd()
    - debian/patches/any/CVE-2021-3999.patch: set errno to ERANGE for
      size == 1 in sysdeps/posix/getcwd.c.
    - CVE-2021-3999
  * SECURITY UPDATE: DoS via long svcunix_create path argument
    - debian/patches/any/CVE-2022-23218-pre1.patch: add the
      __sockaddr_un_set function in include/sys/un.h, socket/Makefile,
      socket/sockaddr_un_set.c, socket/tst-sockaddr_un_set.c.
    - debian/patches/any/CVE-2022-23218.patch: fix buffer overflow in
      sunrpc/svc_unix.c.
    - CVE-2022-23218
  * SECURITY UPDATE: DoS via long clnt_create hostname argument
    - debian/patches/any/CVE-2022-23219.patch: fix buffer overflow in
      sunrpc/clnt_gen.c.
    - CVE-2022-23219
  * debian/patches/any/fix_test-errno-linux.patch: Handle EINVAL from
    quotactl in newer kernels in
    sysdeps/unix/sysv/linux/test-errno-linux.c.

 -- Marc Deslauriers <email address hidden>  Mon, 24 Jan 2022 07:53:44 -0500

Available diffs

diff from 2.27-3ubuntu1.4 (in Ubuntu) to 2.27-3ubuntu1.5 (27.7 KiB)
diff from 2.27-3ubuntu1.2 to 2.27-3ubuntu1.5 (143.3 KiB)

Builds

Built packages

glibc-doc GNU C Library: Documentation

glibc-source GNU C Library: sources

libc-bin GNU C Library: Binaries

libc-bin-dbgsym debug symbols for libc-bin

libc-dev-bin GNU C Library: Development binaries

libc-dev-bin-dbgsym debug symbols for libc-dev-bin

libc6 GNU C Library: Shared libraries

libc6-amd64 GNU C Library: 64bit Shared libraries for AMD64

libc6-amd64-dbgsym debug symbols for libc6-amd64

libc6-armel GNU C Library: ARM softfp shared libraries for armhf

libc6-armel-dbgsym debug symbols for libc6-armel

libc6-dbg GNU C Library: detached debugging symbols

libc6-dev GNU C Library: Development Libraries and Header Files

libc6-dev-amd64 GNU C Library: 64bit Development Libraries for AMD64

libc6-dev-armel GNU C Library: ARM softfp development libraries for armhf

libc6-dev-i386 GNU C Library: 32-bit development libraries for AMD64

libc6-dev-s390 GNU C Library: 32bit Development Libraries for IBM zSeries

libc6-dev-x32 GNU C Library: X32 ABI Development Libraries for AMD64

libc6-i386 GNU C Library: 32-bit shared libraries for AMD64

libc6-i386-dbgsym debug symbols for libc6-i386

libc6-lse GNU C Library: Shared Libraries

libc6-pic GNU C Library: PIC archive library

libc6-s390 GNU C Library: 32bit Shared libraries for IBM zSeries

libc6-s390-dbgsym debug symbols for libc6-s390

libc6-udeb GNU C Library: Shared libraries - udeb

libc6-x32 GNU C Library: X32 ABI Shared libraries for AMD64

libc6-x32-dbgsym debug symbols for libc6-x32

locales GNU C Library: National Language (locale) data [support]

locales-all GNU C Library: Precompiled locale data

multiarch-support Transitional package to ensure multiarch compatibility

nscd GNU C Library: Name Service Cache Daemon

nscd-dbgsym debug symbols for nscd

Package files

glibc-doc_2.27-3ubuntu1.5_all.deb (22.1 KiB)
glibc-source_2.27-3ubuntu1.5_all.deb (16.4 MiB)
glibc_2.27-3ubuntu1.5.debian.tar.xz (1.1 MiB)
glibc_2.27-3ubuntu1.5.dsc (9.4 KiB)
glibc_2.27.orig.tar.xz (15.2 MiB)
libc-bin-dbgsym_2.27-3ubuntu1.5_amd64.ddeb (2.4 MiB)
libc-bin-dbgsym_2.27-3ubuntu1.5_arm64.ddeb (2.1 MiB)
libc-bin-dbgsym_2.27-3ubuntu1.5_armhf.ddeb (2.1 MiB)
libc-bin-dbgsym_2.27-3ubuntu1.5_i386.ddeb (2.1 MiB)
libc-bin-dbgsym_2.27-3ubuntu1.5_ppc64el.ddeb (2.5 MiB)
libc-bin-dbgsym_2.27-3ubuntu1.5_s390x.ddeb (2.3 MiB)
libc-bin_2.27-3ubuntu1.5_amd64.deb (623.3 KiB)
libc-bin_2.27-3ubuntu1.5_arm64.deb (461.6 KiB)
libc-bin_2.27-3ubuntu1.5_armhf.deb (452.4 KiB)
libc-bin_2.27-3ubuntu1.5_i386.deb (574.9 KiB)
libc-bin_2.27-3ubuntu1.5_ppc64el.deb (601.3 KiB)
libc-bin_2.27-3ubuntu1.5_s390x.deb (525.6 KiB)
libc-dev-bin-dbgsym_2.27-3ubuntu1.5_amd64.ddeb (141.3 KiB)
libc-dev-bin-dbgsym_2.27-3ubuntu1.5_arm64.ddeb (133.9 KiB)
libc-dev-bin-dbgsym_2.27-3ubuntu1.5_armhf.ddeb (129.0 KiB)
libc-dev-bin-dbgsym_2.27-3ubuntu1.5_i386.ddeb (116.6 KiB)
libc-dev-bin-dbgsym_2.27-3ubuntu1.5_ppc64el.ddeb (148.2 KiB)
libc-dev-bin-dbgsym_2.27-3ubuntu1.5_s390x.ddeb (133.1 KiB)
libc-dev-bin_2.27-3ubuntu1.5_amd64.deb (70.2 KiB)
libc-dev-bin_2.27-3ubuntu1.5_arm64.deb (57.3 KiB)
libc-dev-bin_2.27-3ubuntu1.5_armhf.deb (58.0 KiB)
libc-dev-bin_2.27-3ubuntu1.5_i386.deb (70.2 KiB)
libc-dev-bin_2.27-3ubuntu1.5_ppc64el.deb (68.1 KiB)
libc-dev-bin_2.27-3ubuntu1.5_s390x.deb (60.7 KiB)
libc6-amd64-dbgsym_2.27-3ubuntu1.5_i386.ddeb (9.3 MiB)
libc6-amd64_2.27-3ubuntu1.5_i386.deb (2.7 MiB)
libc6-armel-dbgsym_2.27-3ubuntu1.5_armhf.ddeb (8.7 MiB)
libc6-armel_2.27-3ubuntu1.5_armhf.deb (2.3 MiB)
libc6-dbg_2.27-3ubuntu1.5_amd64.deb (4.9 MiB)
libc6-dbg_2.27-3ubuntu1.5_arm64.deb (7.8 MiB)
libc6-dbg_2.27-3ubuntu1.5_armhf.deb (4.3 MiB)
libc6-dbg_2.27-3ubuntu1.5_i386.deb (4.2 MiB)
libc6-dbg_2.27-3ubuntu1.5_ppc64el.deb (5.4 MiB)
libc6-dbg_2.27-3ubuntu1.5_s390x.deb (4.2 MiB)
libc6-dev-amd64_2.27-3ubuntu1.5_i386.deb (2.0 MiB)
libc6-dev-armel_2.27-3ubuntu1.5_armhf.deb (1.5 MiB)
libc6-dev-i386_2.27-3ubuntu1.5_amd64.deb (1.7 MiB)
libc6-dev-s390_2.27-3ubuntu1.5_s390x.deb (1.5 MiB)
libc6-dev-x32_2.27-3ubuntu1.5_amd64.deb (1.9 MiB)
libc6-dev-x32_2.27-3ubuntu1.5_i386.deb (1.9 MiB)
libc6-dev_2.27-3ubuntu1.5_amd64.deb (2.5 MiB)
libc6-dev_2.27-3ubuntu1.5_arm64.deb (2.0 MiB)
libc6-dev_2.27-3ubuntu1.5_armhf.deb (1.8 MiB)
libc6-dev_2.27-3ubuntu1.5_i386.deb (2.2 MiB)
libc6-dev_2.27-3ubuntu1.5_ppc64el.deb (2.4 MiB)
libc6-dev_2.27-3ubuntu1.5_s390x.deb (1.9 MiB)
libc6-i386-dbgsym_2.27-3ubuntu1.5_amd64.ddeb (8.3 MiB)
libc6-i386_2.27-3ubuntu1.5_amd64.deb (2.5 MiB)
libc6-lse_2.27-3ubuntu1.5_arm64.deb (1.0 MiB)
libc6-pic_2.27-3ubuntu1.5_amd64.deb (1.6 MiB)
libc6-pic_2.27-3ubuntu1.5_arm64.deb (1.2 MiB)
libc6-pic_2.27-3ubuntu1.5_armhf.deb (1.0 MiB)
libc6-pic_2.27-3ubuntu1.5_i386.deb (1.4 MiB)
libc6-pic_2.27-3ubuntu1.5_ppc64el.deb (1.5 MiB)
libc6-pic_2.27-3ubuntu1.5_s390x.deb (1.2 MiB)
libc6-s390-dbgsym_2.27-3ubuntu1.5_s390x.ddeb (8.9 MiB)
libc6-s390_2.27-3ubuntu1.5_s390x.deb (2.3 MiB)
libc6-udeb_2.27-3ubuntu1.5_amd64.udeb (1.4 MiB)
libc6-udeb_2.27-3ubuntu1.5_arm64.udeb (933.9 KiB)
libc6-udeb_2.27-3ubuntu1.5_armhf.udeb (850.6 KiB)
libc6-udeb_2.27-3ubuntu1.5_i386.udeb (1.1 MiB)
libc6-udeb_2.27-3ubuntu1.5_ppc64el.udeb (1.2 MiB)
libc6-udeb_2.27-3ubuntu1.5_s390x.udeb (1002.9 KiB)
libc6-x32-dbgsym_2.27-3ubuntu1.5_amd64.ddeb (9.0 MiB)
libc6-x32-dbgsym_2.27-3ubuntu1.5_i386.ddeb (9.0 MiB)
libc6-x32_2.27-3ubuntu1.5_amd64.deb (2.7 MiB)
libc6-x32_2.27-3ubuntu1.5_i386.deb (2.7 MiB)
libc6_2.27-3ubuntu1.5_amd64.deb (2.7 MiB)
libc6_2.27-3ubuntu1.5_arm64.deb (2.2 MiB)
libc6_2.27-3ubuntu1.5_armhf.deb (2.1 MiB)
libc6_2.27-3ubuntu1.5_i386.deb (2.4 MiB)
libc6_2.27-3ubuntu1.5_ppc64el.deb (2.6 MiB)
libc6_2.27-3ubuntu1.5_s390x.deb (2.2 MiB)
locales-all_2.27-3ubuntu1.5_amd64.deb (3.8 MiB)
locales-all_2.27-3ubuntu1.5_arm64.deb (3.8 MiB)
locales-all_2.27-3ubuntu1.5_armhf.deb (3.8 MiB)
locales-all_2.27-3ubuntu1.5_i386.deb (3.8 MiB)
locales-all_2.27-3ubuntu1.5_ppc64el.deb (3.8 MiB)
locales-all_2.27-3ubuntu1.5_s390x.deb (3.8 MiB)
locales_2.27-3ubuntu1.5_all.deb (3.4 MiB)
multiarch-support_2.27-3ubuntu1.5_amd64.deb (6.8 KiB)
multiarch-support_2.27-3ubuntu1.5_arm64.deb (6.8 KiB)
multiarch-support_2.27-3ubuntu1.5_armhf.deb (6.8 KiB)
multiarch-support_2.27-3ubuntu1.5_i386.deb (6.8 KiB)
multiarch-support_2.27-3ubuntu1.5_ppc64el.deb (6.8 KiB)
multiarch-support_2.27-3ubuntu1.5_s390x.deb (6.8 KiB)
nscd-dbgsym_2.27-3ubuntu1.5_amd64.ddeb (296.0 KiB)
nscd-dbgsym_2.27-3ubuntu1.5_arm64.ddeb (280.8 KiB)
nscd-dbgsym_2.27-3ubuntu1.5_armhf.ddeb (274.8 KiB)
nscd-dbgsym_2.27-3ubuntu1.5_i386.ddeb (262.7 KiB)
nscd-dbgsym_2.27-3ubuntu1.5_ppc64el.ddeb (298.6 KiB)
nscd-dbgsym_2.27-3ubuntu1.5_s390x.ddeb (291.1 KiB)
nscd_2.27-3ubuntu1.5_amd64.deb (76.3 KiB)
nscd_2.27-3ubuntu1.5_arm64.deb (62.3 KiB)
nscd_2.27-3ubuntu1.5_armhf.deb (65.2 KiB)
nscd_2.27-3ubuntu1.5_i386.deb (74.2 KiB)
nscd_2.27-3ubuntu1.5_ppc64el.deb (77.4 KiB)
nscd_2.27-3ubuntu1.5_s390x.deb (69.0 KiB)