FEDORA-2021-6e581c051a created by pfrankli 2 months ago for Fedora 32
stable
- x86: Check IFUNC definition in unrelocated executable [BZ #20019]
- x86: Set header.feature_1 in TCB for always-on CET [BZ #27177]
- x86-64: Avoid rep movsb with short distance [BZ #27130]
- Fix for CVE-2019-25013 buffer overrun in EUC-KR conversion module (bz #24973)
- Add NEWS entry for CVE-2020-29562 (BZ #26923)
- iconv: Fix incorrect UCS4 inner loop bounds (BZ#26923)
- tests-mcheck: New variable to run tests with MALLOC_CHECK_=3
- iconv: Accept redundant shift sequences in IBM1364 [BZ #26224]
- sh: Add sh4 fpu Implies folder
- aarch64: Fix DT_AARCH64_VARIANT_PCS handling [BZ #26798]
- x86: Optimizing memcpy for AMD Zen architecture.
- Reversing calculation of __x86_shared_non_temporal_threshold
- AArch64: Use __memcpy_simd on Neoverse N2/V1
- [AArch64] Improve integer memcpy
- AArch64: Rename IS_ARES to IS_NEOVERSE_N1
- AArch64: Improve backwards memmove performance
- AArch64: Add optimized Q-register memcpy
- AArch64: Align ENTRY to a cacheline
- intl: Handle translation output codesets with suffixes [BZ #26383]
- Add NEWS entry for CVE-2016-10228 (bug 19519)
- Rewrite iconv option parsing [BZ #19519]
- powerpc: Fix incorrect cache line size load in memset (bug 26332)
- nptl: Zero-extend arguments to SETXID syscalls [BZ #26248]
- Disable warnings due to deprecated libselinux symbols used by nss and nscd
- Add NEWS entry for CVE-2020-6096 (bug 25620)

How to install

sudo dnf upgrade --advisory=FEDORA-2021-6e581c051a

This update has been submitted for testing by pfrankli.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update's test gating status has been changed to 'waiting'.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update has been pushed to testing.

2 months ago
User Icon newbyte provided feedback a month ago
karma
User Icon fweimer commented & provided feedback a month ago
karma

Upstream test case for CVE-2019-25013 no longer segfaults. System still boots and core functionality is available.

BZ#1913056 CVE-2019-25013 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding [fedora-all]

This update can be pushed to stable now if the maintainer wishes

a month ago

This update has been submitted for stable by pfrankli.

a month ago
User Icon codonell commented & provided feedback a month ago
karma

System is functional and... CVE-2019-25013 is fixed: echo -en "\x00\xfe" | iconv -f EUC-KR -t "UTF-8//IGNORE" iconv: incomplete character or shift sequence at end of buffer echo -en "\x00\xfe" | iconv -c -f EUC-KR -t "UTF-8" iconv: incomplete character or shift sequence at end of buffer

BZ#1913056 CVE-2019-25013 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding [fedora-all]

This update has been pushed to stable.

a month ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
2 months ago
in testing
2 months ago
in stable
a month ago
BZ#1913056 CVE-2019-25013 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding [fedora-all]
0
2

Automated Test Results