Information on source package coreutils

Available versions

ReleaseVersion
wheezy8.13-3.5
jessie8.23-4
stretch8.26-3
buster8.26-3
sid8.26-3

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2016-2781vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablechroot in GNU coreutils, when used with --userspec, allows local users ...
CVE-2014-9471vulnerable (no DSA)fixedfixedfixedfixedThe parse_datetime function in GNU coreutils allows remote attackers ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-2616vulnerablefixedfixedfixedfixedSending SIGKILL to other processes with root privileges via su

Resolved issues

BugDescription
TEMP-0306076-4B7D89coreutils ignores umask when using -m in mkdir, mkfifo and mknod
CVE-2015-4042buffer overflow related to SIZE_MAX - lenb - 2 < lena test
CVE-2015-4041heap overflow; size calculation without properly considering the number of bytes occupied by multibyte characters
CVE-2015-1865"time of check to time of use" race condition fts.c
CVE-2013-0223The SUSE coreutils-i18n.patch for GNU coreutils allows ...
CVE-2013-0222The SUSE coreutils-i18n.patch for GNU coreutils allows ...
CVE-2013-0221The SUSE coreutils-i18n.patch for GNU coreutils allows ...
CVE-2009-4135The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 ...
CVE-2008-1946The default configuration of su in /etc/pam.d/su in GNU coreutils ...
CVE-2007-4998cp, when running with an option to preserve symlinks on multiple OSes, ...
CVE-2005-1039Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, ...
CVE-2003-0854ls in the fileutils or coreutils packages allows local users to ...
CVE-2003-0853An integer overflow in ls in the fileutils or coreutils packages may ...

Search for package or bug name: Reporting problems