[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#803927: glibc: multiple overflows in strxfrm()

Source: glibc
Version: 2.19-22
Severity: serious
Tags: security fixed-upstream
Control: forwarded -1 https://sourceware.org/bugzilla/show_bug.cgi?id=16009


libc6 is vulnerable to buffer overruns in strxfrm() as reported
in the following upstream ticket:

The issue is fixed in glibc 2.21.

No CVE has been assigned yet even though it had been requested
in http://openwall.com/lists/oss-security/2015/09/08/2

The upstream patch is available here:

Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Reply to: