Wind River Support Network

HomeDefectsLIN6-10838

Fixed

LIN6-10838 : Security Advisory - glibc - CVE-2015-8776

Created: Feb 13, 2016 Updated: Dec 3, 2018

Resolved Date: Mar 9, 2016

Previous ID: LIN7-5601

Found In Version: 6.0.0.27

Fix Version: 6.0.0.29

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Toolchain

Description

See Yocto Project bug 8980
glibc bug 18985

The bug appears to affect back to glibc 2.19.

Passing out of range data to strftime() causes a segfault
https://sourceware.org/bugzilla/show_bug.cgi?id=18985

Out-of-range time values passed to the strftime function may cause it to
crash, leading to a denial of service, or potentially disclosure
information.

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38