Debian Security Advisory

DLA-411-2 eglibc -- LTS security update

Date Reported:
12 Feb 2016
Affected Packages:
eglibc
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 814078.
In Mitre's CVE dictionary: CVE-2014-9761.
More information:

The fix for CVE-2014-9761 in Squeeze wrongly backported the upstream patch. New symbols were not declared as private and the ABI changed. This made some programs and services crash after the upgrade, and needed to be restarted.

For Debian 6 Squeeze, these issues have been fixed in eglibc version 2.11.3-4+deb6u10