musl
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Lightweight implementation of C standard library |
| Version | 1.2.5-2 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1287 | 1.2.1-1 | 1.2.1-2 | Medium | Fixed | FS#68685 |
| AVG-457 | 1.1.16-2 | 1.1.17-1 | Critical | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-28928 | AVG-1287 | Medium | No | Arbitrary code execution | The wcsnrtombs function in all musl libc versions up to 1.2.1 has been found to have multiple bugs in the handling of the destination buffer size when... |
| CVE-2017-15650 | AVG-457 | Critical | Yes | Arbitrary code execution | A stack-based buffer overflow has been found in the DNS response parsing code of musl libc <= 1.1.16. When an application makes a request via getaddrinfo... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 26 Nov 2020 | ASA-202011-29 | AVG-1287 | Medium | arbitrary code execution |
| 21 Oct 2017 | ASA-201710-28 | AVG-457 | Critical | arbitrary code execution |