Download
| Alert*
oval:org.secpod.oval:def:1601076
In the GNU C Library through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HT ... oval:org.secpod.oval:def:503437 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * glibc: getaddrinfo should reject I ... oval:org.secpod.oval:def:66474 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * glibc: getaddrinfo should reject I ... oval:org.secpod.oval:def:89003245 This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: regex: fix read overrun - CVE-2016-10739: Fully parse IPv4 address strings - CVE-2009-5155: ERE "0|0|\1|0" causes regexec undefined behavior Non-security issues fixed: - Enable TLE only if GLIBC_ELISION_ENAB ... oval:org.secpod.oval:def:89048095 This update for glibc fixes the following issues: - CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings oval:org.secpod.oval:def:1902200 In the GNU C Library through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HT ... oval:org.secpod.oval:def:1504062 [2.28-72.0.1] - add Ampere emag to tunable cpu list - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make _IO_funlockfile match __funlockfile and _IO_flockfile match _ ... oval:org.secpod.oval:def:503303 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * glibc: getaddrinfo should reject I ... oval:org.secpod.oval:def:205299 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * glibc: getaddrinfo should reject I ... oval:org.secpod.oval:def:1700439 In the GNU C Library through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HT ... oval:org.secpod.oval:def:205355 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * glibc: getaddrinfo should reject I ... oval:org.secpod.oval:def:1504210 aarch64: [2.17-292.0.2] - CR29749550 [armv5] build failure - Add 3 arm patches to aarch64 tree to avoid future build/merge failures. - Rebase aarch64 patches at 30000 to avoid future conflicts. - Reviewed-by: Jose E. Marchesi - EL Errata - Add BUS_MCEERR_AR, BUS_MCEERR_AO to sysdeps/unix/sysv/linux/ ... oval:org.secpod.oval:def:2000942 In the GNU C Library through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HT ... oval:org.secpod.oval:def:2106070 Oracle Solaris 11 - ( CVE-2019-18348 ) |