touch-packages team mailing list archive

Thread
Date

[Bug 1396471] Re: glibc vulnerability CVE-2014-7817

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1396471@xxxxxxxxxxxxxxxxxx>
Date: Sun, 14 Dec 2014 13:19:35 -0000
Reply-to: Bug 1396471 <1396471@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package glibc - 2.19-13ubuntu3

---------------
glibc (2.19-13ubuntu3) vivid; urgency=medium

  * any/cvs-CVE-2014-7817.diff: Backport fix from trunk for wordexp,
    making it honour the WRDE_NOCMD flag in all cases (LP: #1396471)
  * Update to release/2.19/master, fixing arm64 frame bug in _start.
 -- Adam Conrad <adconrad@xxxxxxxxxx>   Thu, 04 Dec 2014 16:56:41 -0700

** Changed in: glibc (Ubuntu Vivid)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/1396471

Title:
  glibc vulnerability CVE-2014-7817

Status in eglibc package in Ubuntu:
  Invalid
Status in glibc package in Ubuntu:
  Fix Released
Status in eglibc source package in Lucid:
  Fix Released
Status in glibc source package in Lucid:
  Invalid
Status in eglibc source package in Precise:
  Fix Released
Status in glibc source package in Precise:
  Invalid
Status in eglibc source package in Trusty:
  Fix Released
Status in glibc source package in Trusty:
  Invalid
Status in eglibc source package in Utopic:
  Invalid
Status in glibc source package in Utopic:
  Fix Released
Status in eglibc source package in Vivid:
  Invalid
Status in glibc source package in Vivid:
  Fix Released

Bug description:
  http://www.cvedetails.com/cve-details.php?t=1&cve_id=CVE-2014-7817
  https://security-tracker.debian.org/tracker/CVE-2014-7817

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1396471/+subscriptions