Bug#777197: glibc: CVE-2015-1472

To: Moritz Muehlenhoff <jmm@inutil.org>, 777197@bugs.debian.org
Subject: Bug#777197: glibc: CVE-2015-1472
From: Aurelien Jarno <aurelien@aurel32.net>
Date: Sun, 8 Feb 2015 17:22:29 +0100
Message-id: <[🔎] 20150208162229.GC9993@aurel32.net>
Reply-to: Aurelien Jarno <aurelien@aurel32.net>, 777197@bugs.debian.org
In-reply-to: <[🔎] 20150206074337.23179.79764.reportbug@m25s06.vlinux.de>
References: <[🔎] 20150206074337.23179.79764.reportbug@m25s06.vlinux.de>

On 2015-02-06 08:43, Moritz Muehlenhoff wrote:
> Package: glibc
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> Hi,
> please see https://sourceware.org/bugzilla/show_bug.cgi?id=16618
> The patch is here: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
> 
> This was introduced by https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0
> (2.15). Since the patch was backported into wheezy, it is also
> affected (while squeeze is not).

I have just done the upload to unstable, I'll prepare an upload for
wheezy with the other pending security fixes as soon as possible.

-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurelien@aurel32.net                 http://www.aurel32.net

Reply to:

References:
- Bug#777197: glibc: CVE-2015-1472
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: r6354 - in glibc-package/trunk/debian: . patches patches/any
Next by Date: r6355 - glibc-package/trunk/debian
Previous by thread: Bug#777197: glibc: CVE-2015-1472
Next by thread: Bug#777197: marked as done (glibc: CVE-2015-1472 CVE-2015-1473)
Index(es):
- Date
- Thread