This bug was fixed in the package eglibc - 2.13-20ubuntu5.1
---------------
eglibc (2.13-20ubuntu5.1) oneiric-security; urgency=low

* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
- debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
TZ file header
- CVE-2009-5029
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
RPATHs with $ORIGIN
- debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
RPATH and ORIGIN
- CVE-2011-1658
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
- debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
many open fds is detected
- CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
check bypass
- debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
overflow
- CVE-2012-0864

-- Steve Beattie <email address hidden> Tue, 06 Mar 2012 11:28:06 -0800