Tavis Ormandy and John Haxby discovered that the GNU C Library contained an off-by-one error when performing transliteration module loading. A local attacker could exploit this to gain administrative privileges. (CVE-2014-5119)
USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS and Ubuntu 12.04 LTS the security update for CVE-2014-0475 caused a regression with localplt on PowerPC. This update fixes the problem. We apologize for the inconvenience.