Alexander Cherepanov discovered that the glob implementation in glibc does not correctly handle overlong names in struct dirent buffers when GLOB_ALTDIRFUNC is used.
Unless I'm missing something the whiteboard is just upstream.
should be fixed in glibc-2.23-r3. will need some time to bake in ~arch.
@ Maintainer(s): One month later, can we now stabilize =sys-libs/glibc-2.23-r3?
i don't think we need to rush this. wait until the end of Dec and it should be fine if there are no new issues.
please test and mark stable: =sys-libs/glibc-2.23-r3
Stable on alpha.
Stable for HPPA.
Stable for PPC64.
This issue was resolved and addressed in
GLSA 201702-11 at https://security.gentoo.org/glsa/201702-11
by GLSA coordinator Thomas Deutschmann (whissi).
Re-opening for remaining arch.
Setting back to stable - sparc please complete stabilization (A2 = 5 Day Stabilization - Start Date: 2017-01-02
sparc is done now
@ Maintainer(s): Please cleanup and drop <sys-libs/glibc-2.23-r3 or remove keywords/apply masks to indicate a security problem.
Author: Matthias Maier <email@example.com>
Date: Thu Jun 8 11:20:38 2017 -0500
profiles: Mask all glibc versions older than 2.23
Repository is clean, all done.