Description: "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c."
Guarded behind USE=nscd (non-default).
Fix: https://sourceware.org/git/?p=glibc.git;a=commit;h=dca565886b5e8bd7966e15f0ca42ee5cff686673
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2e0e1c0418c63f7bdbecc980817b11adc09cfdd8 commit 2e0e1c0418c63f7bdbecc980817b11adc09cfdd8 Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2021-06-13 14:17:15 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2021-06-13 14:17:15 +0000 package.mask: Extend glibc mask to <2.33 Bug: https://bugs.gentoo.org/772425 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> profiles/package.mask | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Nothing to do for toolchain here anymore
New request filed
This issue was resolved and addressed in GLSA 202107-07 at https://security.gentoo.org/glsa/202107-07 by GLSA coordinator John Helmert III (ajak).