MGASA-2016-0206
- Source
- https://advisories.mageia.org/MGASA-2016-0206.html
- Import Source
- https://advisories.mageia.org/MGASA-2016-0206.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2016-0206
- Related
- Published
- 2016-05-23T22:00:58Z
- Modified
- 2016-05-23T21:53:45Z
- Summary
- Updated glibc packages fix security vulnerabilities
- Details
-
Updated glibc packages fix security vulnerabilities:
It was found that glob implementation in glibc does not correctly handle overlong names in struct dirent buffers when GLOB_ALTDIRFUNC is used, causing large stack-based buffer overflow with controlled length and content (CVE-2016-1234).
A stack overflow vulnerability (unbounded allocation) in nssdnsgetnetbynamer function was found (CVE-2016-3075).
stack (frame) overflow in getaddrinfo() when called with AFINET, AFINET6 (incomplete fix for CVE-2013-4458) (CVE-2016-3706).
- References
-
- https://advisories.mageia.org/MGASA-2016-0206.html
- https://bugs.mageia.org/show_bug.cgi?id=18440
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ICIY2WE4MCXHRVFZPY24JZKPAXG4PDIZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WENVYEYN5OSQXJQV7L4TQOKH3BODV6PB/
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:5 / glibc
Package
- Name
- glibc
- Purl
- pkg:rpm/mageia/glibc?distro=mageia-5