Debian Security Advisory
DLA-992-1 eglibc -- LTS security update
- Date Reported:
- 19 Jun 2017
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-1000366.
- More information:
The Qualys Research Labs discovered various problems in the dynamic linker of the GNU C Library which allow local privilege escalation by clashing the stack. For the full details, please refer to their advisory published at: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
For Debian 7
Wheezy, these problems have been fixed in version 2.13-38+deb7u12.
We recommend that you upgrade your eglibc packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS