Please fix CVE-2012-0864 in precise

Bug #953171 reported by Steve Beattie
Affects | Status | Importance | Assigned to | Milestone
eglibc (Ubuntu) | Fix Released | High | Adam Conrad |

Bug Description

CVE-2012-0864 was addressed in 1396-1 for releases prior to precise, but still needs to be addressed in precise.

From the USN text:

 It was discovered that the GNU C Library vfprintf() implementation
contained a possible integer overflow in the format string protection
code offered by FORTIFY_SOURCE. An attacker could use this flaw in
conjunction with a format string vulnerability to bypass the format
string protection and possibly execute arbitrary code.

Upstream commit is http://sourceware.org/git/?p=glibc.git;a=commit;h=7c1f4834d398163d1ac8101e35e9c36fc3176e6e .

(debdiff forthcoming)


Steve Beattie (sbeattie) wrote :

For the record, bzr reports the packaging branch for eglibc is out of date. Here is a debdiff to fix this issue and bug 901716. Confirmed to build on precise/amd64.

visibility: private → public
Changed in eglibc (Ubuntu):
importance: Undecided → High
assignee: nobody → Canonical Foundations Team (canonical-foundations)
Michael Vogt (mvo)
Changed in eglibc (Ubuntu):
status: New → In Progress
Michael Vogt (mvo) wrote :

I built/tested this and it's fine; it can be uploaded, but apparently there is another fix pending that should be bundled.

Changed in eglibc (Ubuntu):
milestone: none → ubuntu-12.04-beta-2
tags: added: rls-p-tracking
Martin Pitt (pitti) wrote :

I'm unsubscribing sponsors, as apparently this isn't supposed to be uploaded by sponsors. Please re-subscribe if that changed.

Adam Conrad (adconrad)
Changed in eglibc (Ubuntu):
assignee: Canonical Foundations Team (canonical-foundations) → Adam Conrad (adconrad)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package eglibc - 2.15-0ubuntu6

---------------
eglibc (2.15-0ubuntu6) precise; urgency=low

  * SECURITY UPDATE: denial of service in RPC implementation (LP: #901716)
    - debian/patches/any/local-CVE-2011-4609.patch: nanosleep when too
      many open fds are detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass (LP: #953171)
    - debian/patches/any/cvs-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864
 -- Steve Beattie <email address hidden> Mon, 12 Mar 2012 09:20:41 -0700

Changed in eglibc (Ubuntu):
status: In Progress → Fix Released
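
The bug class behind the "vfprintf nargs overflow" and "check for integer overflow" changelog entries above, as an added illustration that is not glibc's code and not part of the bug report: an argument count multiplied by a per-argument size, unchecked and checked. It assumes the count comes from positional `%N$` specifiers; `struct arg_slot`, the function names and the sample format string are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical per-argument record; not glibc's real layout. */
struct arg_slot { int type; int size; long double value; };

/* Highest positional index ("%N$") in fmt. Simplified model: it ignores
   "*N$" widths. Digit accumulation saturates at SIZE_MAX, never wraps. */
size_t max_positional(const char *fmt)
{
    size_t max = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        if (p[1] == '%') { p++; continue; }      /* literal "%%" */
        const char *q = p + 1;
        size_t n = 0;
        while (*q >= '0' && *q <= '9') {
            size_t d = (size_t)(*q++ - '0');
            n = (n > (SIZE_MAX - d) / 10) ? SIZE_MAX : n * 10 + d;
        }
        if (q > p + 1 && *q == '$' && n > max)
            max = n;
    }
    return max;
}

/* Unchecked sizing: the product is reduced modulo SIZE_MAX + 1. */
size_t table_bytes_unchecked(size_t nargs)
{
    return nargs * sizeof(struct arg_slot);
}

/* Checked sizing: refuse any count whose byte size is not representable. */
bool table_bytes_checked(size_t nargs, size_t *bytes)
{
    if (nargs > SIZE_MAX / sizeof(struct arg_slot))
        return false;
    *bytes = nargs * sizeof(struct arg_slot);
    return true;
}

int main(void)
{
    size_t bytes = 0;
    size_t nargs = max_positional("%2$s has %1$d items");  /* constructed */
    return table_bytes_checked(nargs, &bytes) ? 0 : 1;
}
```

With the unchecked form, a count just past `SIZE_MAX / sizeof(struct arg_slot)` produces a byte size smaller than one record, so any later code that still trusts the count works on a table that is far too small.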