Launchpad CVE tracker

CVE 2011-1659

Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.

Related bugs and status

CVE-2011-1659 (Candidate) is related to these bugs:

Bug #791315: libnih version 1.0.3-4ubuntu1 failed to build on armel

		In	Importance	Status
791315	libnih version 1.0.3-4ubuntu1 failed to build on armel	libnih (Ubuntu)	Undecided	Fix Released
791315	libnih version 1.0.3-4ubuntu1 failed to build on armel	eglibc (Ubuntu)	Medium	Fix Released
791315	libnih version 1.0.3-4ubuntu1 failed to build on armel	Linaro GCC	Undecided	Invalid
791315	libnih version 1.0.3-4ubuntu1 failed to build on armel	eglibc (Ubuntu Lucid)	Medium	Won't Fix
791315	libnih version 1.0.3-4ubuntu1 failed to build on armel	libnih (Ubuntu Lucid)	Undecided	Won't Fix
791315	libnih version 1.0.3-4ubuntu1 failed to build on armel	eglibc (Ubuntu Maverick)	Medium	Won't Fix
791315	libnih version 1.0.3-4ubuntu1 failed to build on armel	libnih (Ubuntu Maverick)	Undecided	Won't Fix
791315	libnih version 1.0.3-4ubuntu1 failed to build on armel	eglibc (Ubuntu Natty)	Medium	Won't Fix
791315	libnih version 1.0.3-4ubuntu1 failed to build on armel	libnih (Ubuntu Natty)	Undecided	Won't Fix

Bug #799673: localedef doesn't know about rupee symbol

Summary				In	Importance	Status
	799673	localedef doesn't know about rupee symbol		eglibc (Ubuntu)	Low	Fix Released
	799673	localedef doesn't know about rupee symbol		langpack-locales (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-1659

References