| Release | Version |
|---|---|
| jessie | 1.1.5-2+deb8u2 |
| stretch | 1.1.16-3+deb9u1 |
| buster | 1.1.21-2 |
| bullseye | 1.2.2-1 |
| bookworm | 1.2.3-1 |
| trixie | 1.2.5-1 |
| sid | 1.2.5-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-28928 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ... |
| CVE-2019-14697 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | musl libc through 1.1.23 has an x87 floating-point stack adjustment im ... |
| CVE-2017-15650 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | musl libc before 1.1.17 has a buffer overflow via crafted DNS replies ... |
| Bug | Description |
|---|---|
| CVE-2016-8859 | Multiple integer overflows in the TRE library and musl libc allow atta ... |
| CVE-2015-1817 | Stack-based buffer overflow in the inet_pton function in network/inet_ ... |
| CVE-2014-3484 | Multiple stack-based buffer overflows in the __dn_expand function in n ... |
| DSA / DLA | Description |
|---|---|
| DLA-2474-1 | musl - security update |
| ELA-324-1 | musl - security update |