[Bug 1929105] Re: CVE-2021-3326: The iconv app in glibc when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion & aborts
Michael Hudson-Doyle
1929105 at bugs.launchpad.net
Mon Mar 7 08:56:31 UTC 2022
This got fixed in https://ubuntu.com/security/notices/USN-5310-1
** Changed in: glibc (Ubuntu Bionic)
Status: New => Fix Released
** Changed in: glibc (Ubuntu Focal)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1929105
Title:
CVE-2021-3326: The iconv app in glibc when processing invalid input
sequences in the ISO-2022-JP-3 encoding, fails an assertion & aborts
Status in GLibC:
Fix Released
Status in glibc package in Ubuntu:
Fix Released
Status in glibc source package in Bionic:
Fix Released
Status in glibc source package in Focal:
Fix Released
Status in glibc source package in Groovy:
Won't Fix
Bug description:
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and
earlier, when processing invalid input sequences in the ISO-2022-JP-3
encoding, fails an assertion in the code path and aborts the program,
potentially resulting in a denial of service.
Ref.: https://ubuntu.com/security/CVE-2021-3326
To manage notifications about this bug go to:
https://bugs.launchpad.net/glibc/+bug/1929105/+subscriptions
More information about the foundations-bugs
mailing list