[Bug 1929105] Re: CVE-2021-3326: The iconv app in glibc when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion & aborts
Steve Beattie
1929105 at bugs.launchpad.net
Tue Jun 8 17:18:53 UTC 2021
This is fixed in hirsute and newer via glibc 2.33.
** Changed in: glibc (Ubuntu)
Importance: Undecided => Low
** Also affects: glibc (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: glibc (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: glibc (Ubuntu Groovy)
Importance: Undecided
Status: New
** Changed in: glibc (Ubuntu)
Status: New => Fix Released
** Changed in: glibc (Ubuntu Bionic)
Importance: Undecided => Low
** Changed in: glibc (Ubuntu Focal)
Importance: Undecided => Low
** Changed in: glibc (Ubuntu Groovy)
Importance: Undecided => Low
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1929105
Title:
CVE-2021-3326: The iconv app in glibc when processing invalid input
sequences in the ISO-2022-JP-3 encoding, fails an assertion & aborts
Status in glibc package in Ubuntu:
Fix Released
Status in glibc source package in Bionic:
New
Status in glibc source package in Focal:
New
Status in glibc source package in Groovy:
New
Bug description:
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and
earlier, when processing invalid input sequences in the ISO-2022-JP-3
encoding, fails an assertion in the code path and aborts the program,
potentially resulting in a denial of service.
Ref.: https://ubuntu.com/security/CVE-2021-3326
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1929105/+subscriptions
More information about the foundations-bugs
mailing list