timezone file integer overflow

Bug #906961 reported by Kees Cook on 2011-12-20
This bug affects 1 person
Affects: eglibc (Ubuntu)
Importance: Medium
Assigned to: Unassigned

Bug Description

This is CVE-2009-5029. Given the uncommon situations where TZ files are processed by privileged applications, this is not urgent, though there are now examples of this being used in the wild:
http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html

Fixed in: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=97ac2654b2d831acaa18a2b018b0736245903fd2

Kees Cook (kees) on 2011-12-20
visibility: private → public
Tyler Hicks (tyhicks) on 2011-12-23
Changed in eglibc (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
Launchpad Janitor (janitor) wrote:

This bug was fixed in the package eglibc - 2.13-24ubuntu1

---------------
eglibc (2.13-24ubuntu1) precise; urgency=low

  * Merge with Debian (r5108), bringing in an ARM header patch, and a fix
    for CVE-2009-5029, an integer overflow in timezone code (LP: #906961)

eglibc (2.13-24) unstable; urgency=low

  * patches/m68k/cvs-byteswap.diff: fix m68k optimized version of
    <bits/byteswap.h>. Closes: #652356.
  * Add m68k expected tests results.
  * Update Russian debconf translation, by Yuri Kozlov. Closes: #652428.
  * Update German debconf translation, by Helge Kreutzman. Closes: #652556.
  * patches/any/cvs-tzfile.diff: fix integer overflow in timezone code.
    Closes: #650790.
  * Don't provide debugging symbols for libc-bin, libc-dev-bin and nscd
    packages to avoid conflicts with multiarch.
  * sysdeps/armel.mk, sysdeps/armhf.mk: fix cross compiling.
  * Update Dutch debconf translation, by Jeroen Schot. Closes: #652632.
  * patches/hurd/tg-struct_stat.diff: fix #ifdef typos.
  * kfreebsd/local-sysdeps.diff: update to revision 3952 (from glibc-bsd).
  * patches/m68k/local-pthread_lock.diff: remove, obsolete.
  * patches/arm/cvs-ucontext.diff: fix namespace pollution from
    <sys/ucontext.h> on arm. Closes: #652844.
  * Update French debconf translation, by Christian Perrier. Closes:
    #652860.
 -- Adam Conrad <email address hidden> Tue, 03 Jan 2012 12:04:05 -0700

Changed in eglibc (Ubuntu):
status: Triaged → Fix Released
This report contains Public Security information
Everyone can see this security related information.
