author Siddhesh Poyarekar <siddhesh@redhat.com> 2013-10-25 10:22:12 +0530
committer Adhemerval Zanella <azanella@linux.vnet.ibm.com> 2013-11-15 11:37:21 -0600
commit 6f4b109567445b1ed70300bb0cb1752cb9998ec9
tree 165de55e84d06d6548981a1524137aac833f9a6d /NEWS
parent 52aafee302d34ddd2afb6bea31d838e61555e154
Fix stack overflow due to large AF_INET6 requests
Resolves #16072 (CVE-2013-4458).

This patch fixes another stack overflow in getaddrinfo when it is
called with AF_INET6.  The AF_UNSPEC case was fixed as CVE-2013-1914,
but the AF_INET6 case went undetected back then.
Diffstat (limited to 'NEWS')
-rw-r--r-- NEWS 5
1 files changed, 4 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index b25af8ee04..c70f333cc4 100644
--- a/NEWS
+++ b/NEWS
@@ -10,11 +10,14 @@ Version 2.18.1
 * The following bugs are resolved with this release:
 
   14155, 14699, 15532, 15427, 15522, 15797, 15892, 15895, 15909, 15996,
-  16150.
+  16072, 16150.
 
 * CVE-2013-4237 The readdir_r function could write more than NAME_MAX bytes
   to the d_name member of struct dirent, or omit the terminating NUL
   character.  (Bugzilla #14699).
+
+* CVE-2013-4458 Stack overflow in getaddrinfo with large number of results
+  for AF_INET6 has been fixed (Bugzilla #16072).
 
 Version 2.18
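Review bot: The new CVE-2013-4458 entry reads "Stack overflow in getaddrinfo with large number of results for AF_INET6 has been fixed", which breaks from the style of the CVE-2013-4237 entry directly above it: that one names the function and states what it could do wrong, without "has been fixed". Suggest rewording to match, for example "The getaddrinfo function could overflow the stack when called with AF_INET6 and the lookup returned a large number of results. (Bugzilla #16072)." The commit message says the AF_UNSPEC case was already fixed as CVE-2013-1914; naming that CVE in the entry would tell readers on the 2.18.1 branch that this is the remaining half of the same problem and that both fixes are needed. Adding 16072 to the resolved-bugs list is consistent with the new entry.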