Bug#751774: eglibc: CVE-2014-4043: posix_spawn_file_actions_addopen fails to copy the path argument

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#751774: eglibc: CVE-2014-4043: posix_spawn_file_actions_addopen fails to copy the path argument
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 16 Jun 2014 16:37:40 +0200
Message-id: <[🔎] 20140616143740.777.39904.reportbug@lorien.valinor.li>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 751774@bugs.debian.org

Source: eglibc
Version: 2.19-1
Severity: normal
Tags: security upstream fixed-upstream

Hi,

the following vulnerability was published for eglibc.

CVE-2014-4043[0,1]:
posix_spawn_file_actions_addopen fails to copy the path argument

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2014-4043
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1109263

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#751774: marked as done (eglibc: CVE-2014-4043: posix_spawn_file_actions_addopen fails to copy the path argument)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: r6156 - in glibc-package/trunk/debian: . patches patches/any
Next by Date: Processed: found 751774 in 2.11.3-4
Previous by thread: r6156 - in glibc-package/trunk/debian: . patches patches/any
Next by thread: Bug#751774: marked as done (eglibc: CVE-2014-4043: posix_spawn_file_actions_addopen fails to copy the path argument)
Index(es):
- Date
- Thread