Package : eglibc Version : 2.11.3-4+deb6u8 CVE ID : not assigned yet Debian Bug : 803927 The strxfrm() function is vulnerable to integer overflows when computing memory allocation sizes (similar to CVE-2012-4412). Furthermore since it fallbacks to use alloca() when malloc() fails, it is vulnerable to stack-based buffer overflows (similar to CVE-2012-4424). Those issues have been fixed in Debian 6 Squeeze with eglibc 2.11.3-4+deb6u8. We recommend that you upgrade libc6 and other packages provided by eglibc. -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Attachment:
signature.asc
Description: PGP signature