Download
| Alert*
oval:org.secpod.oval:def:89003245
This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: regex: fix read overrun - CVE-2016-10739: Fully parse IPv4 address strings - CVE-2009-5155: ERE "0|0|\1|0" causes regexec undefined behavior Non-security issues fixed: - Enable TLE only if GLIBC_ELISION_ENAB ... oval:org.secpod.oval:def:89003322 This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match . - CVE-2009-5155: Fixed a denial of service in parse_reg_exp . Non-security issues fixed: - Added cfi information ... oval:org.secpod.oval:def:89050636 This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match . - CVE-2009-5155: Fixed a denial of service in parse_reg_exp . Non-security issues fixed: - Does no longer compres ... oval:org.secpod.oval:def:89003415 This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match . - CVE-2009-5155: Fixed a denial of service in parse_reg_exp . Non-security issues fixed: - Added cfi information ... oval:org.secpod.oval:def:2003556 In the GNU C Library before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service or trigger an incorrect result by attempting a regular-expression match. oval:org.secpod.oval:def:1701053 In the GNU C Library before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service or trigger an incorrect result by attempting a regular-expression match. The pop_fail_stack function in the GNU C Library allows context-dependent attacke ... |