diff options
author | Arjun Shankar <arjun.is@lostca.se> | 2015-04-21 14:06:31 +0200 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2015-04-21 14:06:50 +0200 |
commit | 2959eda9272a033863c271aff62095abd01bd4e3 (patch) | |
tree | 921b14d182ce222b9b44f983e8dca7bacb3c8fda /NEWS | |
parent | 7bf8fb104226407b75103b95525364c4667c869f (diff) | |
download | glibc-2959eda9272a033863c271aff62095abd01bd4e3.zip glibc-2959eda9272a033863c271aff62095abd01bd4e3.tar.gz glibc-2959eda9272a033863c271aff62095abd01bd4e3.tar.bz2 |
CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow [BZ#18287]
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -16,7 +16,14 @@ Version 2.22 17969, 17978, 17987, 17991, 17996, 17998, 17999, 18019, 18020, 18029, 18030, 18032, 18036, 18038, 18039, 18042, 18043, 18046, 18047, 18068, 18080, 18093, 18100, 18104, 18110, 18111, 18128, 18138, 18185, 18197, - 18206, 18210, 18211, 18247. + 18206, 18210, 18211, 18247, 18287. + +* A buffer overflow in gethostbyname_r and related functions performing DNS + requests has been fixed. If the NSS functions were called with a + misaligned buffer, the buffer length change due to pointer alignment was + not taken into account. This could result in application crashes or, + potentially arbitrary code execution, using crafted, but syntactically + valid DNS responses. (CVE-2015-1781) * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. You will need |