From URL: Alexander Cherepanov discovered that the glob implementation in glibc does not correctly handle overlong names in struct dirent buffers when GLOB_ALTDIRFUNC is used.
Unless I'm missing something the whiteboard is just upstream.
should be fixed in glibc-2.23-r3. will need some time to bake in ~arch.
@ Maintainer(s): One month later, can we now stabilize =sys-libs/glibc-2.23-r3?
i don't think we need to rush this. wait until the end of Dec and it should be fine if there are no new issues.
@ Arches, please test and mark stable: =sys-libs/glibc-2.23-r3
amd64 stable
Stable on alpha.
Stable for HPPA.
Stable for PPC64.
arm stable
ia64 stable
ppc stable
x86 stable
This issue was resolved and addressed in GLSA 201702-11 at https://security.gentoo.org/glsa/201702-11 by GLSA coordinator Thomas Deutschmann (whissi).
Re-opening for remaining arch.
Setting back to stable - sparc please complete stabilization (A2 = 5 Day Stabilization - Start Date: 2017-01-02
sparc is done now
@ Maintainer(s): Please cleanup and drop <sys-libs/glibc-2.23-r3 or remove keywords/apply masks to indicate a security problem.
commit aa57c4a8ee21fa208a21388c1291260c1dd8c389 Author: Matthias Maier <tamiko@gentoo.org> Date: Thu Jun 8 11:20:38 2017 -0500 profiles: Mask all glibc versions older than 2.23
Repository is clean, all done.