[Bug 906961] Re: timezone file integer overflow

Launchpad Bug Tracker 906961 at bugs.launchpad.net
Wed Jan 4 00:15:12 UTC 2012 

This bug was fixed in the package eglibc - 2.13-24ubuntu1

---------------
eglibc (2.13-24ubuntu1) precise; urgency=low

  * Merge with Debian (r5108), bringing in an ARM header patch, and a fix
    for CVE-2009-5029, an integer overflow in timezone code (LP: #906961)

eglibc (2.13-24) unstable; urgency=low

  * patches/m68k/cvs-byteswap.diff: fix m68k optimized version of
    <bits/byteswap.h>.  Closes: #652356.
  * Add m68k expected tests results.
  * Update Russian debconf translation, by Yuri Kozlov.  Closes: #652428.
  * Update German debconf translation, by Helge Kreutzman.  Closes: #652556.
  * patches/any/cvs-tzfile.diff: fix integer overflow in timezone code.
    Closes: #650790.
  * Don't provide debugging symbols for libc-bin, libc-dev-bin and nscd
    packages to avoid conflicts with multiarch.
  * sysdeps/armel.mk, sysdeps/armhf.mk: fix cross compiling.
  * Update Dutch debconf translation, by Jeroen Schot.  Closes: #652632.
  * patches/hurd/tg-struct_stat.diff: fix #ifdef typos.
  * kfreebsd/local-sysdeps.diff: update to revision 3952 (from glibc-bsd).
  * patches/m68k/local-pthread_lock.diff: remove, obsolete.
  * patches/arm/cvs-ucontext.diff: fix namespace pollution from
    <sys/ucontext.h> on arm.  Closes: #652844.
  * Update French debconf translation, by Christian Perrier.  Closes:
    #652860.
 -- Adam Conrad <adconrad at ubuntu.com>   Tue, 03 Jan 2012 12:04:05 -0700

** Changed in: eglibc (Ubuntu)
       Status: Triaged => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-5029

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/906961

Title:
  timezone file integer overflow

Status in “eglibc” package in Ubuntu:
  Fix Released

Bug description:
  This is CVE-2009-5029. Given the uncommon situations where TZ files are processed by privileged applications, this is not urgent, though there are now examples of this being used in the wild:
  http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html

  Fixed in:
  http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=97ac2654b2d831acaa18a2b018b0736245903fd2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/906961/+subscriptions

More information about the foundations-bugs mailing list