From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 85219 invoked by alias); 24 Feb 2015 11:08:36 -0000 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org Received: (qmail 85165 invoked by uid 48); 24 Feb 2015 11:08:32 -0000 From: "fweimer at redhat dot com" To: glibc-bugs@sourceware.org Subject: [Bug libc/12671] multiple vulnerabilities in netdb.h/aliases.h/glob.h (CVE-2012-6686) Date: Tue, 24 Feb 2015 11:08:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Version: unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: fweimer at redhat dot com X-Bugzilla-Status: RESOLVED X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: drepper.fsp at gmail dot com X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: security? X-Bugzilla-Changed-Fields: short_desc alias Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2015-02/txt/msg00326.txt.bz2 https://sourceware.org/bugzilla/show_bug.cgi?id=3D12671 Florian Weimer changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|multiple vulnerabilities in |multiple vulnerabilities in |netdb.h/aliases.h/glob.h |netdb.h/aliases.h/glob.h | |(CVE-2012-6686) Alias| |CVE-2012-6686 --- Comment #5 from Florian Weimer --- Tomas Hoger identified the following commits, quoting: =E2=80=9CUpstream has fixed couple of unbound alloca uses which can lead to= program crashes if excessively long inputs are passed to certain functions. http://sourceware.org/bugzilla/show_bug.cgi?id=3D12671 http://sourceware.org/git/?p=3Dglibc.git;a=3Dcommitdiff;h=3Df2962a71959fd25= 4a7a223437ca4b63b9e81130c covers cases that can be triggered via getaddrinfo, getservbyname* and glob. http://sourceware.org/git/?p=3Dglibc.git;a=3Dcommitdiff;h=3D34a9094f49241eb= b72084c536cf468fd51ebe3ec covers other alloca uses inside getaddrinfo.=E2=80=9D These commits went into glibc 2.14. Debian identified another commit, which went into glibc 2.14.1 only: https://sourceware.org/git/?p=3Dglibc.git;a=3Dcommit;h=3Dc8fc0c91695b1c7003= c7170861274161f9224817 Source for the CVE mapping is here: https://marc.info/?l=3Doss-security&m=3D142255034710625&w=3D2 --=20 You are receiving this mail because: You are on the CC list for the bug. >>From glibc-bugs-return-27592-listarch-glibc-bugs=sources.redhat.com@sourceware.org Tue Feb 24 11:29:26 2015 Return-Path: Delivered-To: listarch-glibc-bugs@sources.redhat.com Received: (qmail 104631 invoked by alias); 24 Feb 2015 11:29:26 -0000 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org Delivered-To: mailing list glibc-bugs@sourceware.org Received: (qmail 104576 invoked by uid 48); 24 Feb 2015 11:29:23 -0000 From: "fweimer at redhat dot com" To: glibc-bugs@sourceware.org Subject: [Bug libc/12671] multiple vulnerabilities in netdb.h/aliases.h/glob.h (CVE-2012-6686) Date: Tue, 24 Feb 2015 11:29:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Version: unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: fweimer at redhat dot com X-Bugzilla-Status: RESOLVED X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: drepper.fsp at gmail dot com X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: security? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2015-02/txt/msg00327.txt.bz2 Content-length: 618 https://sourceware.org/bugzilla/show_bug.cgi?id=12671 --- Comment #6 from Florian Weimer --- (In reply to Florian Weimer from comment #5) > Debian identified another commit, which went into glibc 2.14.1 only: > > https://sourceware.org/git/?p=glibc.git;a=commit; > h=c8fc0c91695b1c7003c7170861274161f9224817 Per https://bugzilla.redhat.com/show_bug.cgi?id=809602 https://bugzilla.redhat.com/show_bug.cgi?id=709267 this commit is actually a fix of a regression, which is also potentially security-relevant. -- You are receiving this mail because: You are on the CC list for the bug.