Advisories » MGASA-2020-0135

Updated glibc packages fix security vulnerabilities

Publication date: 08 Mar 2020
Modification date: 18 Mar 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-1752 , CVE-2020-10029

Description

Updated glibc packages fix security vulnerabilities:

Trigonometric functions on x86 targets suffered from stack corruption
when they were passed a pseudo-zero argument.  Reported by Guido
Vranken / ForAllSecure Mayhem. [BZ 25487] (CVE-2020-10029).

Fix use-after-free in glob when expanding ~user [BZ 25414] (CVE-2020-1752)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26309
• https://sourceware.org/bugzilla/show_bug.cgi?id=25487
• https://sourceware.org/bugzilla/show_bug.cgi?id=25414
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029

SRPMS

7/core

• glibc-2.29-20.mga7