Information on source package eglibc

Available versions

ReleaseVersion
wheezy2.13-38+deb7u10
wheezy (security)2.13-38+deb7u11

Open issues

BugwheezyDescription
CVE-2016-4429vulnerable (no DSA)Stack-based buffer overflow in the clntudp_call function in ...
CVE-2016-2856vulnerable (no DSA)pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; ...
CVE-2016-10228vulnerable (no DSA)The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and ...
CVE-2015-5180vulnerable (no DSA)DNS resolver NULL pointer dereference with crafted record type
CVE-2014-9761vulnerable (no DSA)Multiple stack-based buffer overflows in the GNU C Library (aka glibc ...
CVE-2013-2207vulnerable (no DSA)pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not ...

Open unimportant issues

BugwheezyDescription
CVE-2010-4756vulnerableThe glob implementation in the GNU C Library (aka glibc or libc6) ...
CVE-2010-4052vulnerableStack consumption vulnerability in the regcomp implementation in the ...
CVE-2010-4051vulnerableThe regcomp implementation in the GNU C Library (aka glibc or libc6) ...
CVE-2010-3192vulnerableCertain run-time memory protection mechanisms in the GNU C Library ...

Resolved issues

BugDescription
TEMP-0552518-ADA4BAeglibc: ldd arbitrary code execution
CVE-2016-6323The makecontext function in the GNU C Library (aka glibc or libc6) ...
CVE-2016-5417Memory leak in the __res_vinit function in the IPv6 name server ...
CVE-2016-3706Stack-based buffer overflow in the getaddrinfo function in ...
CVE-2016-3075Stack-based buffer overflow in the nss_dns implementation of the ...
CVE-2016-1234Stack-based buffer overflow in the glob implementation in GNU C ...
CVE-2015-8984The fnmatch function in the GNU C Library (aka glibc or libc6) before ...
CVE-2015-8983Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c ...
CVE-2015-8982Integer overflow in the strxfrm function in the GNU C Library (aka ...
CVE-2015-8779Stack-based buffer overflow in the catopen function in the GNU C ...
CVE-2015-8778Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 ...
CVE-2015-8777The process_envvars function in elf/rtld.c in the GNU C Library (aka ...
CVE-2015-8776The strftime function in the GNU C Library (aka glibc or libc6) before ...
CVE-2015-7547Multiple stack-based buffer overflows in the (1) send_dg and (2) ...
CVE-2015-5277The get_contents function in nss_files/files-XXX.c in the Name Service ...
CVE-2015-5229The calloc function in the glibc package in Red Hat Enterprise Linux ...
CVE-2015-1781Buffer overflow in the gethostbyname_r and other unspecified NSS ...
CVE-2015-1473The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka ...
CVE-2015-1472The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka ...
CVE-2015-0235Heap-based buffer overflow in the __nss_hostname_digits_dots function ...
CVE-2014-9402The nss_dns implementation of getnetbyname in GNU C Library (aka ...
CVE-2014-8121DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in ...
CVE-2014-7817The wordexp function in GNU C Library (aka glibc) 2.21 does not ...
CVE-2014-6040GNU C Library (aka glibc) before 2.20 allows context-dependent ...
CVE-2014-5119Off-by-one error in the __gconv_translit_find function in ...
CVE-2014-4043The posix_spawn_file_actions_addopen function in glibc before 2.20 ...
CVE-2014-0475Multiple directory traversal vulnerabilities in GNU C Library (aka ...
CVE-2013-7424The getaddrinfo function in glibc before 2.15, when compiled with ...
CVE-2013-7423The send_dg function in resolv/res_send.c in GNU C Library (aka glibc ...
CVE-2013-4788The PTR_MANGLE implementation in the GNU C Library (aka glibc or ...
CVE-2013-4458Stack-based buffer overflow in the getaddrinfo function in ...
CVE-2013-4357getaddrinfo(), glob_in_dir stack overflow
CVE-2013-4332Multiple integer overflows in malloc/malloc.c in the GNU C Library ...
CVE-2013-4237sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) ...
CVE-2013-1914Stack-based buffer overflow in the getaddrinfo function in ...
CVE-2013-0242Buffer overflow in the extend_buffers function in the regular ...
CVE-2012-6656iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows ...
CVE-2012-4424Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library ...
CVE-2012-4412Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc ...
CVE-2012-3480Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, ...
CVE-2012-3406The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka ...
CVE-2012-3405The vfprintf function in stdio-common/vfprintf.c in libc in GNU C ...
CVE-2012-3404The vfprintf function in stdio-common/vfprintf.c in libc in GNU C ...
CVE-2012-0864Integer overflow in the vfprintf function in stdio-common/vfprintf.c ...
CVE-2011-5320glibc scanf implementation crashes on certain inputs
CVE-2011-4609The svc_run function in the RPC implementation in glibc before 2.15 ...
CVE-2011-2702Integer signedness error in Glibc before 2.13 and eglibc before 2.13, ...
CVE-2011-1659Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or ...
CVE-2011-1658ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier ...
CVE-2011-1095locale/programs/locale.c in locale in the GNU C Library (aka glibc or ...
CVE-2011-1089The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 ...
CVE-2011-1071The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded ...
CVE-2011-0536Multiple untrusted search path vulnerabilities in elf/dl-object.c in ...
CVE-2010-3856ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and ...
CVE-2010-3847elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) ...
CVE-2010-0830Integer signedness error in the elf_get_dynamic_info function in ...
CVE-2010-0296The encode_name macro in misc/mntent_r.c in the GNU C Library (aka ...
CVE-2010-0015nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 ...
CVE-2009-5064** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and ...
CVE-2009-5029Integer overflow in the __tzfile_read function in glibc before 2.15 ...
CVE-2009-4881Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in ...
CVE-2009-4880Multiple integer overflows in the strfmon implementation in the GNU C ...
CVE-2008-1391Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, ...

Security announcements

DSA / DLADescription
DLA-494-1eglibc - security update
DSA-3480-1eglibc - security update
DLA-416-1eglibc - security update
DLA-411-2eglibc - regression update
DLA-411-1eglibc - security update
DLA-350-1eglibc - security update
DLA-316-1eglibc - security update
DLA-230-1eglibc - security update
DLA-165-1eglibc - security update
DSA-3169-1eglibc - security update
DLA-139-1eglibc - security update
DSA-3142-1eglibc - security update
DLA-122-1eglibc - security update
DLA-97-1eglibc - security update
DLA-43-1eglibc - security update
DSA-3012-1eglibc - security update
DSA-2976-1eglibc - security update

Search for package or bug name: Reporting problems