Summary: | <sys-libs/glibc-{2.25-r11,2.26-r6}: Libc Realpath Buffer Underflow | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Ian Zimmerman <nobrowser> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | holger, hydrapolic, toolchain |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://sourceware.org/bugzilla/show_bug.cgi?id=18203 https://sourceware.org/bugzilla/show_bug.cgi?id=22679 |
||
Whiteboard: | A3 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 646492 | ||
Bug Blocks: |
Description
Ian Zimmerman
2018-01-12 02:58:56 UTC
fixed in: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=52a713fdd0a30e1bd79818e2e3c4ab44ddca1a94 Thank you Ian and Oleg for the information. Fix added to the gentoo/2.26 branch (will be in patchlevel 6). Fixed upstream in 2.27. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa2244fedca8e63902ba8d879dbf0f4d9548d754 commit fa2244fedca8e63902ba8d879dbf0f4d9548d754 Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2018-02-08 23:49:17 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2018-02-08 23:49:40 +0000 sys-libs/glibc: Revbump 2.26-r6 with next patchset (patchlevel 6) 10 test failures need investigating: === FAIL: elf/tst-prelink-cmp XPASS: elf/tst-protected1a XPASS: elf/tst-protected1b FAIL: malloc/tst-malloc-tcache-leak FAIL: math/test-float128-finite-tgamma FAIL: math/test-float128-finite-trunc FAIL: math/test-float128-tgamma FAIL: math/test-float128-trunc FAIL: math/test-ifloat128-tgamma FAIL: math/test-ifloat128-trunc FAIL: misc/tst-ttyname UNSUPPORTED: nptl/test-cond-printers UNSUPPORTED: nptl/test-condattr-printers UNSUPPORTED: nptl/test-mutex-printers UNSUPPORTED: nptl/test-mutexattr-printers UNSUPPORTED: nptl/test-rwlock-printers UNSUPPORTED: nptl/test-rwlockattr-printers FAIL: nss/tst-nss-files-hosts-multi Summary of test results: 10 FAIL 4113 PASS 6 UNSUPPORTED 29 XFAIL 2 XPASS === Bug: https://bugs.gentoo.org/646492 Bug: https://bugs.gentoo.org/646490 Bug: https://bugs.gentoo.org/641644 Bug: https://bugs.gentoo.org/644278 Package-Manager: Portage-2.3.21, Repoman-2.3.6 sys-libs/glibc/Manifest | 1 + sys-libs/glibc/glibc-2.26-r6.ebuild | 836 ++++++++++++++++++++++++++++++++++++ 2 files changed, 837 insertions(+)} Fix added to the gentoo/2.25 branch (will be in patchlevel 14). This issue was resolved and addressed in GLSA 201804-02 at https://security.gentoo.org/glsa/201804-02 by GLSA coordinator Aaron Bauman (b-man). |