Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Mageia 7 MGASA-2021-0053 Critical: Glibc Buffer Overrun Security Fix

mageia
Calendar Grey January 23, 2021
Dist Mageia Esm H88
Latest glibc updates mitigate security risks in Mageia, reinforcing system stability and protection.
Security fixes: - fix buffer overrun in EUC-KR conversion module [bz #2497] (CVE-2019-25013) - arm: CVE-2020-6096: Fix multiarch memcpy for negative length [BZ #25620] - arm: CVE-2...

Summary

Security fixes: - fix buffer overrun in EUC-KR conversion module [bz #2497] (CVE-2019-25013) - arm: CVE-2020-6096: Fix multiarch memcpy for negative length [BZ #25620] - arm: CVE-2020-6096: fix memcpy and memmove for negative length [BZ #25620] - iconv: Fix incorrect UCS4 inner loop bounds [BZ #26923] (CVE-2020-29562) other upstream fixes: - libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203] - string.h: Define __CORRECT_ISO_CPP_STRING_H_PROTO for Clang [BZ #25232] - misc/test-errno-linux: Handle EINVAL from quotactl - nss_compat: internal_end*ent may clobber errno, hiding ERANGE [BZ #25976] - Fix avx2 strncmp offset compare condition check [BZ #25933] - AArch64: Align ENTRY to a cacheline - AArch64: Add optimized Q-register memcpy - AArch64: Improve backwards memmove performance - AArch64: Rename IS_ARES to IS_NEOVERSE_N1 - AArch64: Increase small and medium cases for __memcpy_generic - AArch64: Improve integer memcpy - AArch64: Use __memcpy_simd on Neoverse...

References

- https://bugs.mageia.org/show_bug.cgi?id=28161

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/

- https://www.cve.org/CVERecord?id=CVE-2019-25013

- https://www.cve.org/CVERecord?id=CVE-2020-6096

- https://www.cve.org/CVERecord?id=CVE-2020-29562

Topics%20covered

Topics Covered

security advisory critical software update buffer overrun memory corruption security fix critical fix glibc Mageia

Resolution

SRPMS

- 7/core/glibc-2.29-21.mga7

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 24 Jan 2021
URL: https://advisories.mageia.org/MGASA-2021-0053.html
Type: security
CVE: CVE-2019-25013, CVE-2020-6096, CVE-2020-29562

Topics%20covered

Topics Covered

security advisory critical software update buffer overrun memory corruption security fix critical fix glibc Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here