This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug network/19879] nss_dns: Stack overflow in getnetbyname implementation (CVE-2016-3075)
- From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Mon, 04 Apr 2016 19:58:41 +0000
- Subject: [Bug network/19879] nss_dns: Stack overflow in getnetbyname implementation (CVE-2016-3075)
- Auto-submitted: auto-generated
- References: <bug-19879-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=19879
--- Comment #7 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, release/2.23/master has been updated
via 146b58d11fddbef15b888906e3be4f33900c416f (commit)
from 0eb234232eaf925fe4dca3bd60a3e1b4a7ab2882 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=146b58d11fddbef15b888906e3be4f33900c416f
commit 146b58d11fddbef15b888906e3be4f33900c416f
Author: Florian Weimer <fweimer@redhat.com>
Date: Tue Mar 29 12:57:56 2016 +0200
CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r [BZ #19879]
The defensive copy is not needed because the name may not alias the
output buffer.
(cherry picked from commit 317b199b4aff8cfa27f2302ab404d2bb5032b9a4)
(cherry picked from commit 883dceebc8f11921a9890211a4e202e5be17562f)
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 7 +++++++
NEWS | 10 ++++++++--
resolv/nss_dns/dns-network.c | 5 +----
3 files changed, 16 insertions(+), 6 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.