Register | Log in

libiberty

library of utility functions used by GNU programs

Choose email to subscribe with

general

source: libiberty (main)
version: 20190122-1
maintainer: Debian GCC Maintainers (archive) (DMD)
uploaders: Matthias Klose [DMD]
arch: any
std-ver: 4.3.0
VCS: unknown

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 20141014-1
oldstable: 20161220-1
stable: 20190122-1
testing: 20190122-1
unstable: 20190122-1

versioned links

20141014-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20161220-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20190122-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libiberty-dev

action needed

9 ignored security issues in jessie low

There are 9 open security issues in jessie.

9 issues skipped by the security teams:

CVE-2016-4489: Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables."
CVE-2016-4490: Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.
CVE-2016-6131: The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
CVE-2016-4491: The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."
CVE-2016-4487: Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."
CVE-2016-4492: Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary.
CVE-2016-2226: Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.
CVE-2016-4493: The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.
CVE-2016-4488: Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."

Please fix them.

Created: 2016-05-07 Last update: 2019-07-07 09:00

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2016-4491: The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."

Please fix it.

Created: 2016-05-07 Last update: 2019-07-07 09:00

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2017-10-26 07:22

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.3.0).

Created: 2019-07-08 Last update: 2019-07-08 20:08

news

[2019-01-27] libiberty 20190122-1 MIGRATED to testing (Debian testing watch)
[2019-01-22] Accepted libiberty 20190122-1 (source) into unstable (Matthias Klose)
[2018-11-26] libiberty 20181121-1 MIGRATED to testing (Debian testing watch)
[2018-11-21] Accepted libiberty 20181121-1 (source) into unstable (Matthias Klose)
[2018-06-19] libiberty 20180614-1 MIGRATED to testing (Debian testing watch)
[2018-06-13] Accepted libiberty 20180614-1 (source) into unstable (Matthias Klose)
[2018-04-30] libiberty 20180425-1 MIGRATED to testing (Debian testing watch)
[2018-04-25] Accepted libiberty 20180425-1 (source) into unstable (Matthias Klose)
[2017-09-19] libiberty 20170913-1 MIGRATED to testing (Debian testing watch)
[2017-09-13] Accepted libiberty 20170913-1 (source) into unstable (Matthias Klose)
[2017-07-03] libiberty 20170627-1 MIGRATED to testing (Debian testing watch)
[2017-06-27] Accepted libiberty 20170627-1 (source) into unstable (Matthias Klose)
[2016-12-31] libiberty 20161220-1 MIGRATED to testing (Debian testing watch)
[2016-12-20] Accepted libiberty 20161220-1 (source) into unstable (Matthias Klose)
[2016-10-24] libiberty 20161017-1 MIGRATED to testing (Debian testing watch)
[2016-10-17] libiberty 20161011-1 MIGRATED to testing (Debian testing watch)
[2016-10-17] Accepted libiberty 20161017-1 (source) into unstable (Matthias Klose)
[2016-10-11] Accepted libiberty 20161011-1 (source) into unstable (Matthias Klose)
[2016-08-14] libiberty 20160807-1 MIGRATED to testing (Debian testing watch)
[2016-08-07] Accepted libiberty 20160807-1 (source amd64) into unstable (Matthias Klose)
[2016-02-21] libiberty 20160215-1 MIGRATED to testing (Debian testing watch)
[2016-02-15] Accepted libiberty 20160215-1 (source amd64) into unstable (Matthias Klose)
[2014-10-25] libiberty 20141014-1 MIGRATED to testing (Britney)
[2014-10-14] Accepted libiberty 20141014-1 (source amd64) into unstable (Matthias Klose)
[2014-06-18] libiberty 20140612-1 MIGRATED to testing (Debian testing watch)
[2014-06-12] Accepted libiberty 20140612-1 (source amd64) (Matthias Klose)
[2013-12-02] libiberty 20131116-1 MIGRATED to testing (Debian testing watch)
[2013-11-22] Accepted libiberty 20131116-1 (source amd64) (Matthias Klose)

bugs [bug history graph]

all: 0

links

homepage
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 20190122-1
1 bug

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing