930667 – (CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, GLIBC-SA-2024-0005, GLIBC-SA-2024-0006, GLIBC-SA-2024-0007, GLIBC-SA-2024-0008) <sys-libs/glibc-{2.38-r13,2.39-r4}: Multiple vulnerabilities in nscd

Bug 930667 (CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, GLIBC-SA-2024-0005, GLIBC-SA-2024-0006, GLIBC-SA-2024-0007, GLIBC-SA-2024-0008) - <sys-libs/glibc-{2.38-r13,2.39-r4}: Multiple vulnerabilities in nscd

Summary: <sys-libs/glibc-{2.38-r13,2.39-r4}: Multiple vulnerabilities in nscd

Status:	IN_PROGRESS

Alias:	CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, GLIBC-SA-2024-0005, GLIBC-SA-2024-0006, GLIBC-SA-2024-0007, GLIBC-SA-2024-0008

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B3 [glsa+ cleanup]
Keywords:

Depends on:	930703
Blocks:
	Show dependency tree

Reported:	2024-04-25 13:56 UTC by Sam James
Modified:	2024-05-06 16:21 UTC (History)
CC List:	1 user (show)

See Also:	https://sourceware.org/bugzilla/show_bug.cgi?id=31677 https://sourceware.org/bugzilla/show_bug.cgi?id=31678 https://sourceware.org/bugzilla/show_bug.cgi?id=31679 https://sourceware.org/bugzilla/show_bug.cgi?id=31680
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sam James archtester

2024-04-25 13:56:09 UTC

See https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/.

Comment 1 Larry the Git Cow gentoo-dev

2024-04-26 10:02:32 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=918c29edc3708b2963f0b8686bb41b49e5a75c34

commit 918c29edc3708b2963f0b8686bb41b49e5a75c34
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2024-04-26 09:58:47 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2024-04-26 10:02:13 +0000

    sys-libs/glibc: add 2.38 patchset 13 and 2.39 patchset 4
    
    Bug: https://bugs.gentoo.org/930667
    Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

 sys-libs/glibc/Manifest              |    2 +
 sys-libs/glibc/glibc-2.38-r13.ebuild | 1724 ++++++++++++++++++++++++++++++++++
 sys-libs/glibc/glibc-2.39-r4.ebuild  | 1724 ++++++++++++++++++++++++++++++++++
 3 files changed, 3450 insertions(+)

Comment 2 Larry the Git Cow gentoo-dev

2024-04-26 13:42:42 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f6e370497ba3ed974fc0808ecbed57443b27d5f3

commit f6e370497ba3ed974fc0808ecbed57443b27d5f3
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2024-04-26 13:41:47 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2024-04-26 13:42:26 +0000

    sys-libs/glibc: rekeyword 2.38-r13 and 2.39-r4
    
    Bug: https://bugs.gentoo.org/930667
    Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

 sys-libs/glibc/glibc-2.38-r13.ebuild | 2 +-
 sys-libs/glibc/glibc-2.39-r4.ebuild  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comment 3 Larry the Git Cow gentoo-dev

2024-05-06 16:21:28 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=321e9a106808c3799e6007bf5459c5b6adb657a3

commit 321e9a106808c3799e6007bf5459c5b6adb657a3
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-05-06 16:20:24 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-05-06 16:21:25 +0000

    [ GLSA 202405-17 ] glibc: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/930177
    Bug: https://bugs.gentoo.org/930667
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202405-17.xml | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)