[ubuntu/yakkety-updates] valgrind 1:3.12.0~svn20160714-1ubuntu2.1 (Accepted)

Wed, 21 Jun 2017 10:59:01 -0700 

valgrind (1:3.12.0~svn20160714-1ubuntu2.1) yakkety-security; urgency=medium

  * SECURITY UPDATE: integer overflow in string_appends
    - debian/patches/CVE-2016-2226.patch: check for overflow in
      coregrind/m_demangle/cplus-dem.c, add xmalloc_failed and xmemdup to
      coregrind/m_demangle/vg_libciface.h.
    - CVE-2016-2226
  * SECURITY UPDATE: use-after-free vulnerabilities
    - debian/patches/CVE-2016-4487_4488.patch: set bsize and ksize in
      coregrind/m_demangle/cplus-dem.c.
    - CVE-2016-4487
    - CVE-2016-4488
  * SECURITY UPDATE: integer overflow in gnu_special
    - debian/patches/CVE-2016-4489.patch: handle case where consume_count
      returns -1 in coregrind/m_demangle/cplus-dem.c.
    - CVE-2016-4489
  * SECURITY UPDATE: integer overflow after sanity checks
    - debian/patches/CVE-2016-4490.patch: parse numbers as integer instead
      of long in coregrind/m_demangle/cp-demangle.c.
    - CVE-2016-4490
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2016-4491.patch: limit recursion in
      coregrind/m_demangle/cp-demangle.c, coregrind/m_demangle/demangle.h.
    - CVE-2016-4491
  * SECURITY UPDATE: buffer overflow in do_type
    - debian/patches/CVE-2016-4492_4493.patch: properly handle large values
      and overflow in coregrind/m_demangle/cplus-dem.c.
    - CVE-2016-4492
    - CVE-2016-4493
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2016-6131.patch: prevent infinite recursion in
      coregrind/m_demangle/cplus-dem.c, add XDUPVEC to
      coregrind/m_demangle/vg_libciface.h.
    - CVE-2016-6131

Date: 2017-06-07 20:17:14.274481+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Signed-By: Ubuntu Archive Robot 
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/valgrind/1:3.12.0~svn20160714-1ubuntu2.1

Sorry, changesfile not available.
-- 
Yakkety-changes mailing list
Yakkety-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/yakkety-changes

Reply via email to