Change logs for klibc source package in Nile V2.0

  • klibc (2.0.13-ok2) nile; urgency=medium
    
      * SECURITY UPDATE: improper pointer arithmetic     -
        debian/patches/CVE-2016-9840.patch: remove offset pointer
        optimization       in usr/klibc/zlib/inftrees.c.     - CVE-2016-9840
        * SECURITY UPDATE: improper pointer arithmetic     -
        debian/patches/CVE-2016-9841.patch: remove offset pointer
        optimization       in usr/klibc/zlib/inffast.c.     - CVE-2016-9841
        * SECURITY UPDATE: memory corruption during compression     -
        debian/patches/CVE-2018-25032.patch: addresses a bug that can crash
        deflate on rare inputs when using Z_FIXED.     - CVE-2018-25032   *
        SECURITY UPDATE: heap-based buffer over-read     -
        debian/patches/CVE-2022-37434-1.patch: adds an extra condition to
        check       if state->head->extra_max is greater than len before
        copying, and moves       the len assignment to be placed before the
        check in       usr/klibc/zlib/inflate.c.     - debian/patches/CVE-
        2022-37434-2.patch: in the previous patch, the       placement of
        the len assignment was causing issues so it was moved       within
        the conditional check.     - CVE-2022-37434
    
     -- liubo01 <email address hidden>  Mon, 04 Nov 2024 16:47:44 +0800
  • klibc (2.0.13-ok1) nile; urgency=medium
    
      * Build for openKylin.
    
     -- Luoyaoming <email address hidden>  Wed, 24 Apr 2024 13:46:50 +0800
  • klibc (2.0.7-ok5) zhouxuan; urgency=medium
    
      * zhouxuan CVE-2021-31872 安全更新:Fix possible integer overflow on 32-bit systems
    
     -- zhouxuan <email address hidden>  Thu, 16 Mar 2023 20:44:12 +0800