diff options
| author | Florian Weimer <fweimer@redhat.com> | 2014-12-15 17:41:13 +0100 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2014-12-16 10:08:29 +0100 |
| commit | 11e3417af6e354f1942c68a271ae51e892b2814d (patch) | |
| tree | cd58a98bda7c6d4d9fba3ac559a2c757a3fae063 /NEWS | |
| parent | ae61fc7b33d9d99d2763c16de8275227dc9748ba (diff) | |
| download | glibc-11e3417af6e354f1942c68a271ae51e892b2814d.tar.gz glibc-11e3417af6e354f1942c68a271ae51e892b2814d.tar.xz glibc-11e3417af6e354f1942c68a271ae51e892b2814d.zip | |
Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/NEWS b/NEWS index 3556ecda2b..11121cacb0 100644 --- a/NEWS +++ b/NEWS @@ -13,8 +13,8 @@ Version 2.21 15884, 16469, 16617, 16619, 16657, 16740, 16857, 17192, 17266, 17344, 17363, 17370, 17371, 17411, 17460, 17475, 17485, 17501, 17506, 17508, 17522, 17555, 17570, 17571, 17572, 17573, 17574, 17581, 17582, 17583, - 17584, 17585, 17589, 17594, 17601, 17608, 17616, 17625, 17633, 17634, - 17647, 17653, 17657, 17664, 17665, 17668, 17682. + 17584, 17585, 17589, 17594, 17601, 17608, 17616, 17625, 17630, 17633, + 17634, 17647, 17653, 17657, 17664, 17665, 17668, 17682. * CVE-2104-7817 The wordexp function could ignore the WRDE_NOCMD flag under certain input conditions resulting in the execution of a shell for @@ -25,6 +25,9 @@ Version 2.21 * CVE-2012-3406 printf-style functions could run into a stack overflow when processing format strings with a large number of format specifiers. +* The nss_dns implementation of getnetbyname could run into an infinite loop + if the DNS response contained a PTR record of an unexpected format. + * The minimum GCC version that can be used to build this version of the GNU C Library is GCC 4.6. Older GCC versions, and non-GNU compilers, can still be used to compile programs using the GNU C Library. |