[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
This bug was fixed in the package glibc - 2.21-0ubuntu4.2 --- glibc (2.21-0ubuntu4.2) wily-security; urgency=medium * SECURITY UPDATE: buffer overflow in gethostbyname_r and related functions - debian/patches/any/CVE-2015-1781.diff: take alignment padding into account when computing if buffer is too small. - CVE-2015-1781 * SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files database during iteration. - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state between getXXent and getXXbyYY NSS calls. - CVE-2014-8121 * SECURITY UPDATE: glibc unbounded stack usage in NaN strtod conversion - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing of NaN payloads. - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions handling of payload strings - CVE-2014-9761 * SECURITY UPDATE: out of range data to strftime() causes segfault (denial of service) - debian/patches/any/CVE-2015-8776.diff: add range checks to strftime() processing - CVE-2015-8776 * SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid AT_SECURE programs (e.g. setuid), allowing disabling of pointer mangling - debian/patches/any/CVE-2015-8777.diff: Always enable pointer guard - CVE-2015-8777 * SECURITY UPDATE: integer overflow in hcreate and hcreate_r - debian/patches/any/CVE-2015-8778.diff: check for large inputs - CVE-2015-8778 * SECURITY UPDATE: unbounded stack allocation in catopen() - debian/patches/any/CVE-2015-8779.diff: stop using unbounded alloca() - CVE-2015-8779 * SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r - debian/patches/any/CVE-2016-3075.diff: do not make unneeded memory copy on the stack. - CVE-2016-3075 * SECURITY UPDATE: pt_chown privilege escalation - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel about pty group and permission mode - debian/sysdeps/linux.mk: don't build pt_chown - debian/rules.d/debhelper.mk: only install pt_chown when built. - CVE-2016-2856, CVE-2013-2207 * debian/debhelper.in/libc.postinst: add reboot notifications for security updates (LP: #1546457) -- Steve BeattieFri, 08 Apr 2016 09:44:34 -0700 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
This bug was fixed in the package eglibc - 2.19-0ubuntu6.8 --- eglibc (2.19-0ubuntu6.8) trusty-security; urgency=medium * SECURITY UPDATE: buffer overflow in gethostbyname_r and related functions - debian/patches/any/CVE-2015-1781.diff: take alignment padding into account when computing if buffer is too small. - CVE-2015-1781 * SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files database during iteration. - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state between getXXent and getXXbyYY NSS calls. - CVE-2014-8121 * SECURITY UPDATE: glibc unbounded stack usage in NaN strtod conversion - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing of NaN payloads. - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions handling of payload strings - CVE-2014-9761 * SECURITY UPDATE: NSS files long line buffer overflow - debian/patches/any/CVE-2015-5277.diff: Don't ignore too long lines in nss_files - CVE-2015-5277 * SECURITY UPDATE: out of range data to strftime() causes segfault (denial of service) - debian/patches/any/CVE-2015-8776.diff: add range checks to strftime() processing - CVE-2015-8776 * SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid AT_SECURE programs (e.g. setuid), allowing disabling of pointer mangling - debian/patches/any/CVE-2015-8777.diff: Always enable pointer guard - CVE-2015-8777 * SECURITY UPDATE: integer overflow in hcreate and hcreate_r - debian/patches/any/CVE-2015-8778.diff: check for large inputs - CVE-2015-8778 * SECURITY UPDATE: unbounded stack allocation in catopen() - debian/patches/any/CVE-2015-8779.diff: stop using unbounded alloca() - CVE-2015-8779 * SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r - debian/patches/any/CVE-2016-3075.diff: do not make unneeded memory copy on the stack. - CVE-2016-3075 * SECURITY UPDATE: pt_chown privilege escalation - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel about pty group and permission mode - debian/sysdeps/linux.mk: don't build pt_chown - debian/rules.d/debhelper.mk: only install pt_chown when built. - CVE-2016-2856, CVE-2013-2207 * debian/debhelper.in/libc.postinst: add reboot notifications for security updates (LP: #1546457) * debian/patches/ubuntu/submitted-no-stack-backtrace.diff: update patch to eliminate compiler warning. -- Steve BeattieFri, 08 Apr 2016 23:26:02 -0700 ** Changed in: eglibc (Ubuntu Trusty) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-5277 ** Changed in: eglibc (Ubuntu Trusty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
This bug was fixed in the package glibc - 2.21-0ubuntu4.2 --- glibc (2.21-0ubuntu4.2) wily-security; urgency=medium * SECURITY UPDATE: buffer overflow in gethostbyname_r and related functions - debian/patches/any/CVE-2015-1781.diff: take alignment padding into account when computing if buffer is too small. - CVE-2015-1781 * SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files database during iteration. - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state between getXXent and getXXbyYY NSS calls. - CVE-2014-8121 * SECURITY UPDATE: glibc unbounded stack usage in NaN strtod conversion - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing of NaN payloads. - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions handling of payload strings - CVE-2014-9761 * SECURITY UPDATE: out of range data to strftime() causes segfault (denial of service) - debian/patches/any/CVE-2015-8776.diff: add range checks to strftime() processing - CVE-2015-8776 * SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid AT_SECURE programs (e.g. setuid), allowing disabling of pointer mangling - debian/patches/any/CVE-2015-8777.diff: Always enable pointer guard - CVE-2015-8777 * SECURITY UPDATE: integer overflow in hcreate and hcreate_r - debian/patches/any/CVE-2015-8778.diff: check for large inputs - CVE-2015-8778 * SECURITY UPDATE: unbounded stack allocation in catopen() - debian/patches/any/CVE-2015-8779.diff: stop using unbounded alloca() - CVE-2015-8779 * SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r - debian/patches/any/CVE-2016-3075.diff: do not make unneeded memory copy on the stack. - CVE-2016-3075 * SECURITY UPDATE: pt_chown privilege escalation - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel about pty group and permission mode - debian/sysdeps/linux.mk: don't build pt_chown - debian/rules.d/debhelper.mk: only install pt_chown when built. - CVE-2016-2856, CVE-2013-2207 * debian/debhelper.in/libc.postinst: add reboot notifications for security updates (LP: #1546457) -- Steve BeattieFri, 08 Apr 2016 09:44:34 -0700 ** Changed in: glibc (Ubuntu Wily) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
This bug was fixed in the package eglibc - 2.15-0ubuntu10.14 --- eglibc (2.15-0ubuntu10.14) precise-security; urgency=medium * SECURITY UPDATE: buffer overflow in gethostbyname_r and related functions - debian/patches/any/CVE-2015-1781.diff: take alignment padding into account when computing if buffer is too small. - CVE-2015-1781 * SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files database during iteration. - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state between getXXent and getXXbyYY NSS calls. - CVE-2014-8121 * SECURITY UPDATE: glibc unbounded stack usage in NaN strtod conversion - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing of NaN payloads. - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions handling of payload strings - CVE-2014-9761 * SECURITY UPDATE: out of range data to strftime() causes segfault (denial of service) - debian/patches/any/CVE-2015-8776.diff: add range checks to strftime() processing - CVE-2015-8776 * SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid AT_SECURE programs (e.g. setuid), allowing disabling of pointer mangling - debian/patches/any/CVE-2015-8777.diff: Always enable pointer guard - CVE-2015-8777 * SECURITY UPDATE: integer overflow in hcreate and hcreate_r - debian/patches/any/CVE-2015-8778.diff: check for large inputs - CVE-2015-8778 * SECURITY UPDATE: unbounded stack allocation in catopen() - debian/patches/any/CVE-2015-8779.diff: stop using unbounded alloca() - CVE-2015-8779 * SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r - debian/patches/any/CVE-2016-3075.diff: do not make unneeded memory copy on the stack. - CVE-2016-3075 * SECURITY UPDATE: pt_chown privilege escalation - debian/patches/any/CVE-2016-2856-pre.diff: add option to enable/disable pt_chown. - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel about pty group and permission mode - debian/debhelper.in/libc-bin.install: drop installation of pt_chown - CVE-2016-2856, CVE-2013-2207 * debian/debhelper.in/libc.postinst: add reboot notifications for security updates (LP: #1546457) -- Steve BeattieFri, 08 Apr 2016 23:59:46 -0700 ** Changed in: eglibc (Ubuntu Precise) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2207 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-8121 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9761 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1781 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8776 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8777 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8778 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8779 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2856 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
This bug was fixed in the package eglibc - 2.19-0ubuntu6.8 --- eglibc (2.19-0ubuntu6.8) trusty-security; urgency=medium * SECURITY UPDATE: buffer overflow in gethostbyname_r and related functions - debian/patches/any/CVE-2015-1781.diff: take alignment padding into account when computing if buffer is too small. - CVE-2015-1781 * SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files database during iteration. - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state between getXXent and getXXbyYY NSS calls. - CVE-2014-8121 * SECURITY UPDATE: glibc unbounded stack usage in NaN strtod conversion - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing of NaN payloads. - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions handling of payload strings - CVE-2014-9761 * SECURITY UPDATE: NSS files long line buffer overflow - debian/patches/any/CVE-2015-5277.diff: Don't ignore too long lines in nss_files - CVE-2015-5277 * SECURITY UPDATE: out of range data to strftime() causes segfault (denial of service) - debian/patches/any/CVE-2015-8776.diff: add range checks to strftime() processing - CVE-2015-8776 * SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid AT_SECURE programs (e.g. setuid), allowing disabling of pointer mangling - debian/patches/any/CVE-2015-8777.diff: Always enable pointer guard - CVE-2015-8777 * SECURITY UPDATE: integer overflow in hcreate and hcreate_r - debian/patches/any/CVE-2015-8778.diff: check for large inputs - CVE-2015-8778 * SECURITY UPDATE: unbounded stack allocation in catopen() - debian/patches/any/CVE-2015-8779.diff: stop using unbounded alloca() - CVE-2015-8779 * SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r - debian/patches/any/CVE-2016-3075.diff: do not make unneeded memory copy on the stack. - CVE-2016-3075 * SECURITY UPDATE: pt_chown privilege escalation - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel about pty group and permission mode - debian/sysdeps/linux.mk: don't build pt_chown - debian/rules.d/debhelper.mk: only install pt_chown when built. - CVE-2016-2856, CVE-2013-2207 * debian/debhelper.in/libc.postinst: add reboot notifications for security updates (LP: #1546457) * debian/patches/ubuntu/submitted-no-stack-backtrace.diff: update patch to eliminate compiler warning. -- Steve BeattieFri, 08 Apr 2016 23:26:02 -0700 ** Changed in: glibc (Ubuntu Wily) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
What's the status on this, can we release them now? We suppose I should not release them to -updates, but you will handle this through -security? Note that there are a few autopkgtest regressions, but these are not really glibc's fault. The vast majority are green, so I think this is good enough. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
** Changed in: eglibc (Ubuntu Trusty) Status: New => Fix Committed ** Changed in: eglibc (Ubuntu Trusty) Importance: Undecided => High ** No longer affects: glibc (Ubuntu Precise) ** No longer affects: glibc (Ubuntu Trusty) ** Changed in: glibc (Ubuntu Wily) Status: New => Fix Committed ** Changed in: glibc (Ubuntu Wily) Importance: Undecided => High ** Changed in: eglibc (Ubuntu Precise) Status: New => Fix Committed ** Changed in: eglibc (Ubuntu Precise) Importance: Undecided => High ** No longer affects: eglibc (Ubuntu) ** No longer affects: eglibc (Ubuntu Wily) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
I've verified that the the eglibc and glibc packages currently in proposed (precise/2.15-0ubuntu10.14, trusty/2.19-0ubuntu6.8, and wily/2.21-0ubuntu4.2) all trigger the reboot notification when installing/upgrading. (Note that these glibc updates are in proposed for wider testing before being moved to sucurity/updates.) ** Changed in: eglibc (Ubuntu) Status: Fix Committed => Invalid ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
** Also affects: glibc (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: eglibc (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: glibc (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: eglibc (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: glibc (Ubuntu Wily) Importance: Undecided Status: New ** Also affects: eglibc (Ubuntu Wily) Importance: Undecided Status: New ** Changed in: eglibc (Ubuntu Wily) Status: New => Invalid ** Changed in: glibc (Ubuntu Precise) Status: New => Invalid ** Changed in: glibc (Ubuntu Trusty) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
** Also affects: eglibc (Ubuntu) Importance: Undecided Status: New ** Changed in: eglibc (Ubuntu) Importance: Undecided => High ** Changed in: eglibc (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
This bug was fixed in the package glibc - 2.23-0ubuntu3 --- glibc (2.23-0ubuntu3) xenial; urgency=medium * Merge with 2.23 from experimental, bringing in upstream updates: - Save/restore fprs/vrs while resolving symbols (LP: #1564918) - Fix _nss_dns_getnetbyname_r() stack overflow (CVE-2016-3075) - Merge libnss-dns-udeb and libnss-files-udeb into libc6-udeb. * Tidy up locale-gen, thanks to Gunnar Hjalmarsson (LP: #1560577): - Fix thinko that broke handling of multiple locale arguments. - Recognize UTF-8 locales without charset suffix in SUPPORTED. - Fix bug that led to the unsupported message not being shown. * Show reboot-required notification for all updates (LP: #1546457) -- Adam ConradThu, 14 Apr 2016 10:26:16 -0600 ** Changed in: glibc (Ubuntu) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-3075 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
** Changed in: glibc (Ubuntu) Assignee: Marc Deslauriers (mdeslaur) => Adam Conrad (adconrad) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
** Changed in: glibc (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
** Changed in: glibc (Ubuntu) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
eglibc (2.19-0ubuntu6.7) trusty-security; urgency=medium * SECURITY UPDATE: glibc getaddrinfo stack-based buffer overflow - debian/patches/any/CVE-2015-7547-pre1.diff: fix memory leak in resolv/nss_dns/dns-host.c. - debian/patches/any/CVE-2015-7547-pre2.diff: fix memory leak in include/resolv.h, resolv/gethnamaddr.c, resolv/nss_dns/dns-canon.c, resolv/nss_dns/dns-host.c, resolv/nss_dns/dns-network.c, resolv/res_query.c, resolv/res_send.c. - debian/patches/any/CVE-2015-7547.diff: fix buffer handling in resolv/nss_dns/dns-host.c, resolv/res_query.c, resolv/res_send.c. - CVE-2015-7547 Across all releases did not mark reboot required. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-7547 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1546457] Re: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: glibc (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546457 Title: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1546457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs