Comment 2 for bug 1396471

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package eglibc - 2.11.1-0ubuntu7.19

---------------
eglibc (2.11.1-0ubuntu7.19) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service in IBM gconv modules
    - debian/patches/any/CVE-2012-6656.diff: fix check in
      iconvdata/ibm930.c.
    - debian/patches/any/cvs-CVE-2014-6040.diff: fix checks in
      iconvdata/ibm*.c.
    - CVE-2012-6656
    - CVE-2014-6040
  * SECURITY UPDATE: arbitrary command execution via wordexp (LP: #1396471)
    - debian/patches/any/CVE-2014-7817.diff: properly handle WRDE_NOCMD in
      posix/wordexp.c, added tests to posix/wordexp-test.c.
    - CVE-2014-7817
 -- Marc Deslauriers <email address hidden> Tue, 02 Dec 2014 11:24:33 -0500