-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 22 Feb 2015 09:49:50 +0100 Source: eglibc Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libc6-loongson2f libnss-dns-udeb libnss-files-udeb Architecture: source all Version: 2.13-38+deb7u8 Distribution: wheezy-security Urgency: medium Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org> Changed-By: Aurelien Jarno <aurel32@debian.org> Description: eglibc-source - Embedded GNU C Library: sources glibc-doc - Embedded GNU C Library: Documentation libc-bin - Embedded GNU C Library: Binaries libc-dev-bin - Embedded GNU C Library: Development binaries libc0.1 - Embedded GNU C Library: Shared libraries libc0.1-dbg - Embedded GNU C Library: detached debugging symbols libc0.1-dev - Embedded GNU C Library: Development Libraries and Header Files libc0.1-dev-i386 - Embedded GNU C Library: 32bit development libraries for AMD64 libc0.1-i386 - Embedded GNU C Library: 32bit shared libraries for AMD64 libc0.1-i686 - Embedded GNU C Library: Shared libraries [i686 optimized] libc0.1-pic - Embedded GNU C Library: PIC archive library libc0.1-prof - Embedded GNU C Library: Profiling Libraries libc0.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc0.3 - Embedded GNU C Library: Shared libraries libc0.3-dbg - Embedded GNU C Library: detached debugging symbols libc0.3-dev - Embedded GNU C Library: Development Libraries and Header Files libc0.3-i686 - Embedded GNU C Library: Shared libraries [i686 optimized] libc0.3-pic - Embedded GNU C Library: PIC archive library libc0.3-prof - Embedded GNU C Library: Profiling Libraries libc0.3-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc0.3-xen - Embedded GNU C Library: Shared libraries [Xen version] libc6 - Embedded GNU C Library: Shared libraries libc6-amd64 - Embedded GNU C Library: 64bit Shared libraries for AMD64 libc6-dbg - Embedded GNU C Library: detached debugging symbols libc6-dev - Embedded GNU C Library: Development Libraries and Header Files libc6-dev-amd64 - Embedded GNU C Library: 64bit Development Libraries for AMD64 libc6-dev-i386 - Embedded GNU C Library: 32-bit development libraries for AMD64 libc6-dev-mips64 - Embedded GNU C Library: 64bit Development Libraries for MIPS64 libc6-dev-mipsn32 - Embedded GNU C Library: n32 Development Libraries for MIPS64 libc6-dev-powerpc - Embedded GNU C Library: 32bit powerpc development libraries for p libc6-dev-ppc64 - Embedded GNU C Library: 64bit Development Libraries for PowerPC64 libc6-dev-s390 - Embedded GNU C Library: 32bit Development Libraries for IBM zSeri libc6-dev-s390x - Embedded GNU C Library: 64bit Development Libraries for IBM zSeri libc6-dev-sparc64 - Embedded GNU C Library: 64bit Development Libraries for UltraSPAR libc6-i386 - Embedded GNU C Library: 32-bit shared libraries for AMD64 libc6-i686 - Embedded GNU C Library: Shared libraries [i686 optimized] libc6-loongson2f - Embedded GNU C Library: Shared libraries (Loongson 2F optimized) libc6-mips64 - Embedded GNU C Library: 64bit Shared libraries for MIPS64 libc6-mipsn32 - Embedded GNU C Library: n32 Shared libraries for MIPS64 libc6-pic - Embedded GNU C Library: PIC archive library libc6-powerpc - Embedded GNU C Library: 32bit powerpc shared libraries for ppc64 libc6-ppc64 - Embedded GNU C Library: 64bit Shared libraries for PowerPC64 libc6-prof - Embedded GNU C Library: Profiling Libraries libc6-s390 - Embedded GNU C Library: 32bit Shared libraries for IBM zSeries libc6-s390x - Embedded GNU C Library: 64bit Shared libraries for IBM zSeries libc6-sparc64 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC libc6-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc6-xen - Embedded GNU C Library: Shared libraries [Xen version] libc6.1 - Embedded GNU C Library: Shared libraries libc6.1-alphaev67 - Embedded GNU C Library: Shared libraries (EV67 optimized) libc6.1-dbg - Embedded GNU C Library: detached debugging symbols libc6.1-dev - Embedded GNU C Library: Development Libraries and Header Files libc6.1-pic - Embedded GNU C Library: PIC archive library libc6.1-prof - Embedded GNU C Library: Profiling Libraries libc6.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libnss-dns-udeb - Embedded GNU C Library: NSS helper for DNS - udeb (udeb) libnss-files-udeb - Embedded GNU C Library: NSS helper for files - udeb (udeb) locales - Embedded GNU C Library: National Language (locale) data [support] locales-all - Embedded GNU C Library: Precompiled locale data multiarch-support - Transitional package to ensure multiarch compatibility nscd - Embedded GNU C Library: Name Service Cache Daemon Closes: 681888 751774 775572 777197 Changes: eglibc (2.13-38+deb7u8) wheezy-security; urgency=medium . * debian/patches/any/cvs-wscanf.diff: new patch from upstream to fix a heap buffer overflow in wscanf (CVE-2015-1472, CVE-2015-1473). Closes: #777197. * debian/patches/any/cvs-vfprintf.diff: new patch from ustream to fix a stack overflow in vfprintf (CVE-2012-3406). Closes: #681888. * debian/patches/any/cvs-posix_spawn_file_actions_addopen.diff: new patch from upstream to fix a vulnerability in posix_spawn_file_actions_addopen (CVE-2014-4043). Closes: #751774. * debian/patches/any/cvs-getnetbyname.diff: new patch from upstream to fix an infinite loop in getnetbyname (CVE-2014-9402). Closes: #775572. * debian/patches/any/cvs-getaddrinfo-idn.diff: new patch from upstream to fix a invalid-free when using getaddrinfo with IDN (CVE-2013-7424). Checksums-Sha1: 3f6024c33cbbc28cfb7408cf1bd71158dbe65b25 5387 eglibc_2.13-38+deb7u8.dsc ad16463f72e7a6ad264e8b1f55d715aa6c150ee1 2025161 eglibc_2.13-38+deb7u8.diff.gz 6bf967beca00993870856d92ab374a08efe1f9d5 1898264 glibc-doc_2.13-38+deb7u8_all.deb a992fd0b8381153cd9a599875ac9fe87372b1e70 13418902 eglibc-source_2.13-38+deb7u8_all.deb 6c04e6f5231c8792096221e0b7b3f4735534fa84 5708190 locales_2.13-38+deb7u8_all.deb Checksums-Sha256: 761e09d1e83fd7ff5f9b584ff3d4433f974ed56e5c9f58a180ed348d8a67ea3f 5387 eglibc_2.13-38+deb7u8.dsc 752897b2dbc581bbea10077e441c93bee1d6824c055b4ddfe3ca1809c4d2ca31 2025161 eglibc_2.13-38+deb7u8.diff.gz 3823cab9e753bea3257eafce36579c9a9a7e4442ae3e7ebe40d6e48a1890e24d 1898264 glibc-doc_2.13-38+deb7u8_all.deb 2d271f80e9270847df12f95e4d9b89682c959ce0577fdefc74b4397f84b2ced9 13418902 eglibc-source_2.13-38+deb7u8_all.deb fbdec82cc2790947d1c1ddefb9086a386de2ce632afcc03161029a1953836e93 5708190 locales_2.13-38+deb7u8_all.deb Files: 6a68d1b168b660d1e8d91757ab680dc4 5387 libs required eglibc_2.13-38+deb7u8.dsc 027e0ddf239ee6e61957392600a14604 2025161 libs required eglibc_2.13-38+deb7u8.diff.gz 05b799c7293911693044cb7cb76114c8 1898264 doc optional glibc-doc_2.13-38+deb7u8_all.deb 865c319d96eb093222f1de12701058b2 13418902 devel optional eglibc-source_2.13-38+deb7u8_all.deb 7b8e6d7c91f624195b951ba7d10908af 5708190 localization standard locales_2.13-38+deb7u8_all.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJU6aGJAAoJELqceAYd3YybtXsQAJivjjk+19Db+uZYp7Tf99t4 aWf9k7SMjt7jbsg+zl39p4T/cGxGnz0dzDmqmKxTwm8Wn2viNV9x8xxJCzTcv1gZ 9llEj3ucD2AsYxQJdRoqYvuRnMkQFxfVx04jrZbZgpwEfm3IbmWfQOpYBBVa1ilu OOlHm2s54K3tQvAF7htZsMuHNwmofgMv9e7SKQlg2lg31yXTwGakAnkifW0Kdvgt emJ+mMvUIfsCOr/ZMYZxzeFc3+W9qng1L4/0HE5DT2TLMUCfLQHjhZwYUf8kKhgx i3+aJxmWlPfUhXd8s/k5xCRphHmH8aDrV2StHguaZnViBqobNPRgjhNSTJvQPT+m O95pivwJZOa79Wq15CX/0k6gwWfQOr1ADcoLxzhkm3zAMlOxFSrJ1GCL1acon9Hj 5aht/D0qpho3YPCq6e1+DFevj48egRFP4v5QccpyVESWAB+4q6oRox6r9poyVUF1 CBQXNN6ENbago4DGZdTP015ysIsOdlyaV7M160VGxfsihkESPWAnoB9OG4vA7hDA YuJC1J9/DKxx2p0figp50H+R2zNs1JBAO6YRcxkin1bjpS2cf5vYkvO8zXsOvVTA pzZAcDCGFPILxdbBSKsrqAndInK/QneZjYzMgfvWrT/csduVz+lnM+yw0NtxKV/w jQW1UI4FM3WnS5c0n2F7 =KGAX -----END PGP SIGNATURE-----