-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 11 Feb 2016 23:11:53 +0100 Source: eglibc Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libc6-loongson2f libnss-dns-udeb libnss-files-udeb Architecture: source all amd64 Version: 2.13-38+deb7u10 Distribution: wheezy-security Urgency: medium Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org> Changed-By: Aurelien Jarno <aurel32@debian.org> Description: eglibc-source - Embedded GNU C Library: sources glibc-doc - Embedded GNU C Library: Documentation libc-bin - Embedded GNU C Library: Binaries libc-dev-bin - Embedded GNU C Library: Development binaries libc0.1 - Embedded GNU C Library: Shared libraries libc0.1-dbg - Embedded GNU C Library: detached debugging symbols libc0.1-dev - Embedded GNU C Library: Development Libraries and Header Files libc0.1-dev-i386 - Embedded GNU C Library: 32bit development libraries for AMD64 libc0.1-i386 - Embedded GNU C Library: 32bit shared libraries for AMD64 libc0.1-i686 - Embedded GNU C Library: Shared libraries [i686 optimized] libc0.1-pic - Embedded GNU C Library: PIC archive library libc0.1-prof - Embedded GNU C Library: Profiling Libraries libc0.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc0.3 - Embedded GNU C Library: Shared libraries libc0.3-dbg - Embedded GNU C Library: detached debugging symbols libc0.3-dev - Embedded GNU C Library: Development Libraries and Header Files libc0.3-i686 - Embedded GNU C Library: Shared libraries [i686 optimized] libc0.3-pic - Embedded GNU C Library: PIC archive library libc0.3-prof - Embedded GNU C Library: Profiling Libraries libc0.3-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc0.3-xen - Embedded GNU C Library: Shared libraries [Xen version] libc6 - Embedded GNU C Library: Shared libraries libc6-amd64 - Embedded GNU C Library: 64bit Shared libraries for AMD64 libc6-dbg - Embedded GNU C Library: detached debugging symbols libc6-dev - Embedded GNU C Library: Development Libraries and Header Files libc6-dev-amd64 - Embedded GNU C Library: 64bit Development Libraries for AMD64 libc6-dev-i386 - Embedded GNU C Library: 32-bit development libraries for AMD64 libc6-dev-mips64 - Embedded GNU C Library: 64bit Development Libraries for MIPS64 libc6-dev-mipsn32 - Embedded GNU C Library: n32 Development Libraries for MIPS64 libc6-dev-powerpc - Embedded GNU C Library: 32bit powerpc development libraries for p libc6-dev-ppc64 - Embedded GNU C Library: 64bit Development Libraries for PowerPC64 libc6-dev-s390 - Embedded GNU C Library: 32bit Development Libraries for IBM zSeri libc6-dev-s390x - Embedded GNU C Library: 64bit Development Libraries for IBM zSeri libc6-dev-sparc64 - Embedded GNU C Library: 64bit Development Libraries for UltraSPAR libc6-i386 - Embedded GNU C Library: 32-bit shared libraries for AMD64 libc6-i686 - Embedded GNU C Library: Shared libraries [i686 optimized] libc6-loongson2f - Embedded GNU C Library: Shared libraries (Loongson 2F optimized) libc6-mips64 - Embedded GNU C Library: 64bit Shared libraries for MIPS64 libc6-mipsn32 - Embedded GNU C Library: n32 Shared libraries for MIPS64 libc6-pic - Embedded GNU C Library: PIC archive library libc6-powerpc - Embedded GNU C Library: 32bit powerpc shared libraries for ppc64 libc6-ppc64 - Embedded GNU C Library: 64bit Shared libraries for PowerPC64 libc6-prof - Embedded GNU C Library: Profiling Libraries libc6-s390 - Embedded GNU C Library: 32bit Shared libraries for IBM zSeries libc6-s390x - Embedded GNU C Library: 64bit Shared libraries for IBM zSeries libc6-sparc64 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC libc6-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc6-xen - Embedded GNU C Library: Shared libraries [Xen version] libc6.1 - Embedded GNU C Library: Shared libraries libc6.1-alphaev67 - Embedded GNU C Library: Shared libraries (EV67 optimized) libc6.1-dbg - Embedded GNU C Library: detached debugging symbols libc6.1-dev - Embedded GNU C Library: Development Libraries and Header Files libc6.1-pic - Embedded GNU C Library: PIC archive library libc6.1-prof - Embedded GNU C Library: Profiling Libraries libc6.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libnss-dns-udeb - Embedded GNU C Library: NSS helper for DNS - udeb (udeb) libnss-files-udeb - Embedded GNU C Library: NSS helper for files - udeb (udeb) locales - Embedded GNU C Library: National Language (locale) data [support] locales-all - Embedded GNU C Library: Precompiled locale data multiarch-support - Transitional package to ensure multiarch compatibility nscd - Embedded GNU C Library: Name Service Cache Daemon Closes: 812441 812445 812455 Changes: eglibc (2.13-38+deb7u10) wheezy-security; urgency=medium . [ Aurelien Jarno ] * patches/any/cvs-strftime.diff: new patch from upstream to fix segmentation fault caused by passing out-of-range data to strftime() (CVE-2015-8776). Closes: #812445. * patches/any/cvs-hcreate.diff: new patch from upstream to fix an integer overflow in hcreate() and hcreate_r() (CVE-2015-8778). Closes: #812441. * patches/any/cvs-catopen.diff: new patch from upstream to fix multiple unbounded stack allocations in catopen() (CVE-2015-8779). Closes: #812455. * patches/any/cvs-gethostbyname4-memory-leak.diff: new patch from upstream to fix a memory leak in _nss_dns_gethostbyname4_r with big DNS answers. * patches/any/local-CVE-2015-7547.diff: new patch to fix glibc getaddrinfo stack-based buffer overflow (CVE-2015-7547). Checksums-Sha1: 88c4d272d517a7e9fd19c17e7ea82aad54ec1e1b 5376 eglibc_2.13-38+deb7u10.dsc fe803d763aece9cdadcbf79f9c4fce848ef55dd4 2043246 eglibc_2.13-38+deb7u10.diff.gz b275dd5a7d9615503bdd4a3264ab5e6dadf666f9 1898642 glibc-doc_2.13-38+deb7u10_all.deb 095e1996d872eb1030e9684b7b4570c17acd7730 13565616 eglibc-source_2.13-38+deb7u10_all.deb 765589b94675996a6cc78de0bb326bf624780bde 5717232 locales_2.13-38+deb7u10_all.deb Checksums-Sha256: 55af8c243c4dfb1fba69e5eb5587e6c7228f3114e885cc3fee5c8776f7a3d9c5 5376 eglibc_2.13-38+deb7u10.dsc 30c68b8ac3d434f19feafd2f2814224d53548ade548e1abbf49a0b128fb2e95d 2043246 eglibc_2.13-38+deb7u10.diff.gz 35d7b8320f2cd4109d2597500ca342359732dd20a74e17c03651259aedec1c9b 1898642 glibc-doc_2.13-38+deb7u10_all.deb f67dbbb799eae2116b58e1f3e9a848996b0010b883aa8946d768e526fe4b8067 13565616 eglibc-source_2.13-38+deb7u10_all.deb da8a6574b0655fb36183ac732d3483006b28157f06b9f331dec60ef76c80268e 5717232 locales_2.13-38+deb7u10_all.deb Files: d5a7a9976d1937cc6f0cec965df6f981 5376 libs required eglibc_2.13-38+deb7u10.dsc c061cd248a62e5ffe6758e3f08a30f06 2043246 libs required eglibc_2.13-38+deb7u10.diff.gz d4cf7a03a746a256569fdc22c721582a 1898642 doc optional glibc-doc_2.13-38+deb7u10_all.deb 7228afeb66bf69582998c2bd33213562 13565616 devel optional eglibc-source_2.13-38+deb7u10_all.deb 33da2b340dbc7f16f556d2e62ec3dabb 5717232 localization standard locales_2.13-38+deb7u10_all.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWvRVrAAoJELqceAYd3Yyb31oP/Rl20sl/ZJIo5WUFELhDYs/2 KWE+pSBgQ0QT6igOn2D2LGDZgVONPCyhhuDLkWk7gQYHQOAZminzxjobIx52F0/K cXVk7EuZlOs55e67Ma3AXnwy+dMSqsuo5RPZgW9AELdhZtAcHKBqFog47+7hBNgf y7kfeXFa/HE3U5fj/anKYqMWVWmIiTHq4A6C9Cjce/KN7QmG64dX1SsLoqx8SfmR M1kAv+DYt3C73S5hChFC3NOCY/e+W29tcpJikDwaWV0Rt3dmAXrKjFmS1ivbrBPn VtgoHQCVCm88XeryQrucWXKh4SklMgHfy3rlun0RiSO6V03iBn0UV0Li80XY2ssB 831F6SDmsSJkyGyAeuCjaSGUEFf7Q1w3+80tSkHDujQEdlGMqipfocfQtlTP3mAL k5YfG4TzuF6bSd7g9pdQ+MshzdZnxhdfI/w/hyl9XMYoGOUbigDy6/XNhJ4xyHlP Xfqlj3+paldHM7VBtRrru6AX0qfRz3tnjQ3KIGMnZUfMkXdm90oLnog02XfnOsMX E69fy9uSg+ZzZuGfh6P48na9Lxt7PqMniBe6bmr8IM4Xb671nyBm8UT8zJBHmMEj nUvX/MVw9f7uZKc0r/ay0a7nQlNNLNMRgGNCRmbiiRLKG8NUesvrtBcDBxWryXBh mjAvrQJMikWVCOKUUf51 =4Fdv -----END PGP SIGNATURE-----