-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 26 Jul 2016 11:06:56 +0200 Source: uclibc Binary: uclibc-source libuclibc-dev libuclibc-pic uclibc0.9.32 uclibc32-0.9.32 uclibc64-0.9.32 uclibc0.9.32-multilib libc0.9.32uc lib32c0.9.32uc lib64c0.9.32uc libm0.9.32uc lib32m0.9.32uc lib64m0.9.32uc Architecture: source all Version: 0.9.32-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Simon Richter <sjr@debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: lib32c0.9.32uc - Small C library implementation - 32 bit C library lib32m0.9.32uc - Small C library implementation - C library lib64c0.9.32uc - Small C library implementation - 64 bit C library lib64m0.9.32uc - Small C library implementation - C library libc0.9.32uc - Small C library implementation - C library libm0.9.32uc - Small C library implementation - C library libuclibc-dev - Small C library implementation - development files libuclibc-pic - Small C library implementation - PIC static library uclibc-source - Small C library implementation - source uclibc0.9.32 - Small C library implementation - runtime libraries uclibc0.9.32-multilib - Small C library implementation - non-standard runtime libraries uclibc32-0.9.32 - Small C library implementation - 32 bit runtime libraries uclibc64-0.9.32 - Small C library implementation - 64 bit runtime libraries Changes: uclibc (0.9.32-1+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * CVE-2016-2224: Fix possible denial of service via a specially crafted DNS reply that could cause an infinite loop. * CVE-2016-2225: Fix possible denial of service via specially crafted packet that will make the parser terminate early. * CVE-2016-6264: It was found that 'BLT' instruction in libc/string/arm/memset.S checks for signed values. If parameter of memset is negative, then value added to the PC will be large. Attacker that controls the length parameter of memset can also control the value of PC register. Checksums-Sha1: ad0320b559511e97b7c4093bff4a7a246d075468 2596 uclibc_0.9.32-1+deb7u1.dsc 46925d7f9964680cd3a8a0acad5252355f9488d6 3864011 uclibc_0.9.32.orig.tar.gz 912a27887b92e6977861e7dfa32c3aa02a0eb0fa 12829 uclibc_0.9.32-1+deb7u1.debian.tar.gz 7192cf61fe8888245889282ee3828f6c6c0cd1e1 2861814 uclibc-source_0.9.32-1+deb7u1_all.deb Checksums-Sha256: bebacbd10428303bdafeb676de68ff1452ee23e460dc485fb0e0579d030f57da 2596 uclibc_0.9.32-1+deb7u1.dsc f3a2a7f5d143c09443deb1a106cf2fcf0ba9fe61ad04a477a70914a02f2fb095 3864011 uclibc_0.9.32.orig.tar.gz 17246950b242ff9b2f170d8bec1cb0b8896e1669a41f283bace4b25b78ab82ee 12829 uclibc_0.9.32-1+deb7u1.debian.tar.gz ad32cf1404cf43ede37b75a2210f147af04f0c5c6deccb438f7da77484c8c889 2861814 uclibc-source_0.9.32-1+deb7u1_all.deb Files: aa95b165f2d6802b6482ddbbcedab190 2596 libs extra uclibc_0.9.32-1+deb7u1.dsc 7e29b3da4dea621b1ce3129084898564 3864011 libs extra uclibc_0.9.32.orig.tar.gz 02443a57feefdc4c6a22e64e5eb11f2e 12829 libs extra uclibc_0.9.32-1+deb7u1.debian.tar.gz 6f8d764b7e6d1e73b5b1b20ea08eeb00 2861814 devel extra uclibc-source_0.9.32-1+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJXly0JXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkD4oP/ie0HiTjUQ7gEE2K87yiBSIG Nkb8WDwszcetuLc39ccJ5LrUD71La2v7wSVHIBV7yqbksFNa9/x8wT7m50sZHygc TFEWvY1p5UfzbBZoPFqPLhi/x3jLgbH726COj4QfPNJyo8LsqGJ+hqPUvaNSQxE8 2skpvx6kuym8xyi6uNBsNcH4+jnE9D+fh7Lx3O1BB4JhfiMFkeJPRlTkjGXTLZi1 FTh9xgMnXm9pYz86htjJ50MvbNgtYQDEF/ttb3lqMQ1QxqrfWzVUnv2gbhZ0ZESj U12Yx+eDkDarQ4lzGTUBFtRFndllZkmNpAbZnDcpjq7XPdKMw650ryMylMRmijvK nfShsfmyYTyNsRpgeRFI7j1lEs+zslh9hjKV8wCxH0feBn8r/2iShfbrJ6wHKxdg WPjQttMFNjNblvQ36UzSTp9c8yZTdHLRu8VFtpIu9FYQEM0tbPE5abgE2NEye7nM 11NjSNvNlPwXWfs3x7DNapLAu5Tb9xafiqKPYbcc5Zd2D8Wx7kMlL2gzSQRLdSo2 MPaQ/0HX0+ljhGk0i1pcNwQPmHxevjI1elXch4w2D3eYOHQuNQkKWmtQsKkQvxHz v9y8Bz7KlJTxOIpt2VPCBepEcPd6vzJ1tYlBPs2oQgLNE+b7wyMGJ/bd+rR+8vI1 y3yeDR8Tw/XkFj8sxFVj =vZO0 -----END PGP SIGNATURE-----
