Summary: | <sys-libs/glibc-2.32-r5: Multiple vulnerabilities (CVE-2020-{29562,29573}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://sourceware.org/bugzilla/show_bug.cgi?id=26923 | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 766650 | ||
Bug Blocks: |
Description
Sam James
2020-12-04 07:52:45 UTC
Not clear if this is in a patchset yet or not. It may be worth including bug 756316 (not a security bug)'s patch too while rolling a new one. * CVE-2020-29573 Description: "sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf." Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=26649 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f98d2b1f32c99392b6a7bea550732c0585d1fea8 commit f98d2b1f32c99392b6a7bea550732c0585d1fea8 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2020-12-08 07:53:59 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2020-12-08 08:30:49 +0000 sys-libs/glibc: 2.32: cut 4 patchset Three new patches: - iconv: Fix incorrect UCS4 inner loop bounds (BZ#26923) - x86: Harden printf against non-normal long double values (bug 26649) - x86: Fix THREAD_SELF definition to avoid ld.so crash (bug 27004) Should fix CVE-2020-29562, CVE-2020-29573 and another gcc-11 compatibility. Reported-by: Sam James Bug: https://bugs.gentoo.org/758359 Reported-by: Sam James Bug: https://bugs.gentoo.org/758359 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> sys-libs/glibc/Manifest | 1 + sys-libs/glibc/glibc-2.32-r5.ebuild | 1513 +++++++++++++++++++++++++++++++++++ 2 files changed, 1514 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f98d2b1f32c99392b6a7bea550732c0585d1fea8 commit f98d2b1f32c99392b6a7bea550732c0585d1fea8 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2020-12-08 07:53:59 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2020-12-08 08:30:49 +0000 sys-libs/glibc: 2.32: cut 4 patchset Three new patches: - iconv: Fix incorrect UCS4 inner loop bounds (BZ#26923) - x86: Harden printf against non-normal long double values (bug 26649) - x86: Fix THREAD_SELF definition to avoid ld.so crash (bug 27004) Should fix CVE-2020-29562, CVE-2020-29573 and another gcc-11 compatibility. Reported-by: Sam James Bug: https://bugs.gentoo.org/758359 Reported-by: Sam James Bug: https://bugs.gentoo.org/758359 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> sys-libs/glibc/Manifest | 1 + sys-libs/glibc/glibc-2.32-r5.ebuild | 1513 +++++++++++++++++++++++++++++++++++ 2 files changed, 1514 insertions(+) Thank you! Let us know when ready to stable. This issue was resolved and addressed in GLSA 202101-20 at https://security.gentoo.org/glsa/202101-20 by GLSA coordinator Aaron Bauman (b-man). re-opened for final arches and masking The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83d1238d25598dadbf06e3efe61619dbd934c77f commit 83d1238d25598dadbf06e3efe61619dbd934c77f Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2021-02-25 18:17:02 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2021-02-25 18:17:45 +0000 sys-libs/glibc: Remove old Bug: https://bugs.gentoo.org/758359 Package-Manager: Portage-3.0.13, Repoman-3.0.2 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> sys-libs/glibc/Manifest | 2 - sys-libs/glibc/glibc-2.32-r2.ebuild | 1521 ----------------------------------- sys-libs/glibc/glibc-2.32-r3.ebuild | 1513 ---------------------------------- sys-libs/glibc/glibc-2.32-r5.ebuild | 1513 ---------------------------------- 4 files changed, 4549 deletions(-) Cleanup done. Toolchain out. Unable to check for sanity:
> no match for package: sys-libs/glibc-2.32-r5
GLSA done, tree clean. All done. |