USN-2985-2: GNU C Library regression
USN-2985-2: GNU C Library regression Ubuntu Security Notice USN-2985-2 26th May, 2016 eglibc, glibc regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2985-1 introduced a regression in the GNU C Library. Software description eglibc – GNU C Library glibc – GNU C Library Details USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix forCVE-2014-9761 introduced a regression which affected applications thatuse the libm library but were not fully restarted after the upgrade.This update removes the fix for CVE-2014-9761 and a future updatewill be provided to address this issue. We apologize for the inconvenience. Original advisory details: Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose [ more… ]
