Summary: | <sys-libs/glibc-2.23-r4: DNS resolver NULL pointer dereference with crafted record type | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | toolchain |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html | ||
See Also: | https://sourceware.org/bugzilla/show_bug.cgi?id=18784 | ||
Whiteboard: | A3 [glsa cve glsa blocked] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 622220 | ||
Bug Blocks: |
Description
Thomas Deutschmann (RETIRED)
2017-02-09 09:08:54 UTC
@ Maintainer(s): The vulnerabilities is fixed in >=sys-libs/glibc-2.25. Please bump the package and tell us if you plan to backport the fix. this is in the 2.24 ebuild now commit c46d0e63310fe68ed4bf6a3b0c3fbcc5d4d9918b Author: Matthias Maier <tamiko@gentoo.org> Date: Thu Jun 8 12:14:52 2017 -0500 sys-libs/glibc: bump 2.23 to patchset 8 Package-Manager: Portage-2.3.6, Repoman-2.3.2 This issue was resolved and addressed in GLSA 201706-19 at https://security.gentoo.org/glsa/201706-19 by GLSA coordinator Thomas Deutschmann (whissi). |