mirror/glibc - mirror of git://sourceware.org/git/glibc.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Update copyright dates with scripts/update-copyrights	Paul Eggert	2024-01-01	1	-1/+1
\|
*	CVE-2023-4527: Stack read overflow with large TCP responses in no-aaaa mode	Florian Weimer	2023-09-13	1	-0/+129
	Without passing alt_dns_packet_buffer, __res_context_search can only store 2048 bytes (what fits into dns_packet_buffer). However, the function returns the total packet size, and the subsequent DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end of the stack-allocated buffer. Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa stub resolver option") and bug 30842.