Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1062006: bullseye-pu: package glibc/2.31-13+deb11u8
19 views
Skip to first unread message
Aurelien Jarno
Jan 30, 2024, 4:30:05 PM1/30/24
to
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.d...@packages.debian.org
Usertags: pu
X-Debbugs-Cc: gl...@packages.debian.org
Control: affects -1 + src:glibc
[ Reason ]
A memory corruption was discovered in the glibc's qsort()
function, due to missing bounds check and when called by a program
with a non-transitive comparison function and a large number of
attacker-controlled elements. As the use of qsort() with a
non-transitive comparison function is undefined according to POSIX and
ISO C standards, this is not considered a vulnerability in the glibc
itself (hence no CVE number has been assigned).
However as misbehaving callers seems to be relatively common, it is
still a security issue and the qsort() function needs to be hardened
against them.
[ Impact ]
Installations will be left vulnerable to the qsort() security issue.
[ Tests ]
There is no specific test added for that change, however there are a few
upstream tests checking qsort().
[ Risks ]
The code change is very simple, and has been reviewed as part of
DSA-561-11. In addition a similar change went upstream a few weeks ago:
https://sourceware.org/git/?p=glibc.git;a=commit;h=e4d8117b82065dc72e8df80097360e7c05a349b9
https://sourceware.org/git/?p=glibc.git;a=commit;h=b9390ba93676c4b1e87e218af5e7e4bb596312ac
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Changes ]
The change basically just add a bounds check to a test. This is what got
uploaded in 2.36-9+deb12u4 for bookworm-security and 2.37-15 for
unstable.
[ Other info ]
Given the limited changes, I have already uploaded the package to the
archive. Thanks for considering.
Severity: normal
Tags: bullseye
User: release.d...@packages.debian.org
Usertags: pu
X-Debbugs-Cc: gl...@packages.debian.org
Control: affects -1 + src:glibc
[ Reason ]
A memory corruption was discovered in the glibc's qsort()
function, due to missing bounds check and when called by a program
with a non-transitive comparison function and a large number of
attacker-controlled elements. As the use of qsort() with a
non-transitive comparison function is undefined according to POSIX and
ISO C standards, this is not considered a vulnerability in the glibc
itself (hence no CVE number has been assigned).
However as misbehaving callers seems to be relatively common, it is
still a security issue and the qsort() function needs to be hardened
against them.
[ Impact ]
Installations will be left vulnerable to the qsort() security issue.
[ Tests ]
There is no specific test added for that change, however there are a few
upstream tests checking qsort().
[ Risks ]
The code change is very simple, and has been reviewed as part of
DSA-561-11. In addition a similar change went upstream a few weeks ago:
https://sourceware.org/git/?p=glibc.git;a=commit;h=e4d8117b82065dc72e8df80097360e7c05a349b9
https://sourceware.org/git/?p=glibc.git;a=commit;h=b9390ba93676c4b1e87e218af5e7e4bb596312ac
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Changes ]
The change basically just add a bounds check to a test. This is what got
uploaded in 2.36-9+deb12u4 for bookworm-security and 2.37-15 for
unstable.
[ Other info ]
Given the limited changes, I have already uploaded the package to the
archive. Thanks for considering.
Adam D Barratt
Feb 1, 2024, 2:00:05 AM2/1/24
to
package release.debian.org
tags 1062006 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==============
Package: glibc
Version: 2.31-13+deb11u8
Explanation: fix a memory corruption in qsort() when using nontransitive comparison functions.
tags 1062006 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==============
Package: glibc
Version: 2.31-13+deb11u8
Explanation: fix a memory corruption in qsort() when using nontransitive comparison functions.
0 new messages