Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Slackware 15.0: 2024-109-02 critical: glibc memory overflow

slackware
Calendar Grey April 18, 2024
Dist Slackware Esm H88
Explore the vulnerabilities within glibc and discover how the latest updates in Slackware 15.0 can avert software failures and safeguard data integrity.
New glibc packages are available for Slackware 15.0 and -current to fix a security issue

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/aaa_glibc-solibs-2.33-i586-6_slack15.0.txz: Rebuilt. patches/packages/glibc-2.33-i586-6_slack15.0.txz: Rebuilt. This update fixes a security issue: The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-2961 (* Security fix *) patches/packages/glibc-i18n-2.33-i586-6_slack15.0.txz: Rebuilt. patches/packages/glibc-profile-2.33-i586-6_slack15.0.txz: Rebuilt.

Topics%20covered

Topics Covered

security advisory buffer overflow critical security fix slackware glibc Slackware memory issue application crash glibc buffer overflow

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 15.0:
Updated package for Slackware x86_64 15.0:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 15.0 package: db1fdb65d9e64639b11f35a0b6b150b7 aaa_glibc-solibs-2.33-i586-6_slack15.0.txz ac723131a3e18c7220bff020d4597bf8 glibc-2.33-i586-6_slack15.0.txz f3b70a54eb163e043c4c5f6a67e9d0e9 glibc-i18n-2.33-i586-6_slack15.0.txz 6b98c77321151022d17312825436be7f glibc-profile-2.33-i586-6_slack15.0.txz
Slackware x86_64 15.0 package: b2476b8368bef6a3ef0eaca4eb8d3db6 aaa_glibc-solibs-2.33-x86_64-6_slack15.0.txz e36a2bd9e8c8ea38fd64df24baf61e36 glibc-2.33-x86_64-6_slack15.0.txz 9e7970f2775d7127ac618296c0884109 glibc-i18n-2.33-x86_64-6_slack15.0.txz eb39636b73e2fd695ab8cf8850050889 glibc-profile-2.33-x86_64-6_slack15.0.txz
Slackware -current package: eac98c14f059ea434e655ec6c3e35afd a/aaa_glibc-solibs-2.39-i586-2.txz 7bd0e24e064cabdad278b1baf8c380e2 l/glibc-2.39-i586-2.txz 7e280ef1dfff11b34adf258c6e8301b3 l/glibc-i18n-2.39-i586-2.txz ca5fb64de16d846cd1ef6bf845c50cc3 l/glibc-profile-2.39-i586-2.txz
Slackware x86_64 -current package: 86d02cbc3ce60f1ba2e31e334ad8f84f a/aaa_glibc-solibs-2.39-x86_64-2.txz 032540c006e8015368d71fb98f6a1bc0 l/glibc-2.39-x86_64-2.txz d5a77e36486fcf60c8fb89f45635d752 l/glibc-i18n-2.39-x86_64-2.txz caba19659a85eb38cc0e8692f4d89efa l/glibc-profile-2.39-x86_64-2.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory buffer overflow critical security fix slackware glibc Slackware memory issue application crash glibc buffer overflow

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg *glibc-*.txz

Related News

Your message here