[SECURITY] [DLA 3807-1] glibc security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3807-1] glibc security update
From: Adrian Bunk <bunk@debian.org>
Date: Sat, 4 May 2024 01:50:16 +0300
Message-id: <[🔎] ZjVqKAJVNkpxX13N@localhost>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3807-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
May 04, 2024                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : glibc
Version        : 2.28-10+deb10u3
CVE ID         : CVE-2024-2961
Debian Bug     : 1069191

Out-of-bounds write in the iconv ISO-2022-CN-EXT module has been fixed 
in the GNU C library.

For Debian 10 buster, this problem has been fixed in version
2.28-10+deb10u3.

We recommend that you upgrade your glibc packages.

For the detailed security status of glibc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/glibc

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmY1aigACgkQiNJCh6LY
mLGjcxAAxBL18otZwuVuVB34Erd8NEPjiBRL5fGubQ5y2T3Amo8g/SY32KUR6Ud/
r/HZh3JYcYtwKLwRcMPszVCAAxB0dhSg4hwXgvh0LYEWL+Qdwccv1EjEDxxgYVCH
ecDGYjl7dYoGrNlsf2R3IMhpX9W8fn08vdbvheSgIkFSIRwccvswftH/CFn06UBd
TQxtyX0pbWljvHYUB/BxcOViHkrF1p7MS6XDG078d54EBzB0g7wwUyUzXN41myKN
N1/2AWH7fVFbpp+zoiuw5cr1QspiOxWuqse3W0nzisGMMDIStjAFQol51eVrY2M0
DUmOYFETep/9Q9cwFTKz0czwChFgazCmKiVAnuV3pg3DAlSa8IBjKTy0VSLcBlcT
Qaoh8nI67/aFKvzNKY1InuwHeokSJyPl8raWFpX1z7gDgvbthWJ9cHghdAQdIh22
7W2AAHw1l5ZHpbPacy5x9hWjQSxBo08AlqWFGWSFf+UXqo2y66PLa4aqlham7/Yj
Umr2wyQGpmACV3RHVTEYhbjfZDAcYqdo/L0W6vrQU+AIl1kpIMZyHj23rSkmwdAC
V+A8gUa33su6AQ6axSTEq1/JembE8bv/pqaJtYyBgjMX8cJ04UdNV1Z7NsPwelaK
a2Qm312fOHDZ4AnfhYBZLC4QE01Z9J2fN4+kCUsJfPzqKA3qpiM=
=Sg1j
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3806-1] distro-info-data database update
Next by Date: [SECURITY] Debian 10 LTS will reach end-of-life on June 30th, 2024
Previous by thread: [SECURITY] [DLA 3806-1] distro-info-data database update
Next by thread: [SECURITY] Debian 10 LTS will reach end-of-life on June 30th, 2024
Index(es):
- Date
- Thread