DSA-2976 eglibc - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
Stephane Chazelas discovered that the GNU C library, glibc, processed".." path segments in locale-related environment variables, possiblyallowing attackers to circumvent intended restrictions, such asForceCommand in OpenSSH, assuming that they can supply crafted localesettings.
More info:
https://www.debian.org/security/2014/dsa-2976 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-0475 and DSA-2976. |