Bug#989505: Multiple security issues (CVE-2021-31870, CVE-2021-31871, CVE-2021-31872, CVE-2021-31873)

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#989505: Multiple security issues (CVE-2021-31870, CVE-2021-31871, CVE-2021-31872, CVE-2021-31873)
From: Ben Hutchings <ben@decadent.org.uk>
Date: Sat, 05 Jun 2021 20:14:04 +0200
Message-id: <[🔎] 162291684431.526495.10780408610979381547.reportbug@deadeye.wl.decadent.org.uk>
Reply-to: Ben Hutchings <ben@decadent.org.uk>, 989505@bugs.debian.org

Source: klibc
Version: 2.0.6-1
Severity: important
Tags: security

klibc version 2.0.9 fixed various security issues.  These are fixed in
unstable but not yet in buster.  They were triaged as no-dsa by the
security team, so they should be fixed in a stable update instead.

Ben.

-- System Information:
Debian Release: 11.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-6-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Reply to:

Follow-Ups:
- Bug#989505: marked as done (Multiple security issues (CVE-2021-31870, CVE-2021-31871, CVE-2021-31872, CVE-2021-31873))
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#989010: linux-image-5.10.0-7-amd64: No display (post, grub, boot messages and desktop) after the upgrade to 5.10.38
Next by Date: Processed: fixed 989505 in 2.0.8-6
Previous by thread: Bug#989143: initramfs-tools: doesn’t actually compress with zstd
Next by thread: Bug#989505: marked as done (Multiple security issues (CVE-2021-31870, CVE-2021-31871, CVE-2021-31872, CVE-2021-31873))
Index(es):
- Date
- Thread