diff options
| author | Carlos O'Donell <carlos@redhat.com> | 2024-05-01 21:54:11 -0400 |
|---|---|---|
| committer | Carlos O'Donell <carlos@redhat.com> | 2024-05-06 15:12:31 -0400 |
| commit | 143ef68b2aded7c794956beddad495af8c7d3251 (patch) | |
| tree | a513c2691b1e6f31c4126ed65ddefba989a2bbc6 | |
| parent | d4d9a805a58c2593f7610198a198d24a41eef561 (diff) | |
| download | glibc-143ef68b2aded7c794956beddad495af8c7d3251.zip glibc-143ef68b2aded7c794956beddad495af8c7d3251.tar.gz glibc-143ef68b2aded7c794956beddad495af8c7d3251.tar.bz2 | |
NEWS: Add advisories.
GLIBC-SA-2024-0004:
ISO-2022-CN-EXT: fix out-of-bound writes when writing escape
sequence (CVE-2024-2961)
GLIBC-SA-2024-0005:
nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599)
GLIBC-SA-2024-0006:
nscd: Null pointer crashes after notfound response
(CVE-2024-33600)
GLIBC-SA-2024-0007:
nscd: netgroup cache may terminate daemon on memory allocation
failure (CVE-2024-33601)
GLIBC-SA-2024-0008:
nscd: netgroup cache assumes NSS callback uses in-buffer strings
(CVE-2024-33602)
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
| -rw-r--r-- | NEWS | 19 |
1 files changed, 19 insertions, 0 deletions
@@ -177,6 +177,25 @@ found in the advisories directory of the release tarball: GLIBC-SA-2024-0003: syslog: Integer overflow in __vsyslog_internal (CVE-2023-6780) + GLIBC-SA-2024-0004: + ISO-2022-CN-EXT: fix out-of-bound writes when writing escape + sequence (CVE-2024-2961) + + GLIBC-SA-2024-0005: + nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599) + + GLIBC-SA-2024-0006: + nscd: Null pointer crashes after notfound response + (CVE-2024-33600) + + GLIBC-SA-2024-0007: + nscd: netgroup cache may terminate daemon on memory allocation + failure (CVE-2024-33601) + + GLIBC-SA-2024-0008: + nscd: netgroup cache assumes NSS callback uses in-buffer strings + (CVE-2024-33602) + The following bugs are resolved with this release: [14522] localedata: fy_DE: LC_IDENTIFICATION data looks weird |