From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sourceware-bugzilla@sourceware.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 99E98385CCA3; Tue, 26 Sep 2023 22:52:18 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 99E98385CCA3
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1695768738;
	bh=GBXZ5Riwt6NrqQjAq+cxvxnyKnfmw0bmCXmXsSav3Y0=;
	h=From:To:Subject:Date:In-Reply-To:References:From;
	b=KYGH9MeGxKxnLalG3TOu8e3yVrIGLxWhQZaIxoGotXmRUYPBhGELlyJgUxkOnaVHu
	 D+fs0G11W05LzEpoHsMsyDnAJsIDYO1wj8Jjtf31NT4k/tHyFhEV+myYdikulC0Ltj
	 UnsUK409YGYuuFrihfs1aw8CTCnGHeeZKwHeCyYA=
From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa
 mode (CVE-2023-4527)
Date: Tue, 26 Sep 2023 22:52:18 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: network
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: fweimer at redhat dot com
X-Bugzilla-Target-Milestone: 2.39
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-30842-131-Za5nGROekK@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-30842-131@http.sourceware.org/bugzilla/>
References: <bug-30842-131@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <glibc-bugs.sourceware.org>

https://sourceware.org/bugzilla/show_bug.cgi?id=3D30842

--- Comment #6 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gn=
u.org> ---
The release/2.38/master branch has been updated by Siddhesh Poyarekar
<siddhesh@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=3Dglibc.git;h=3D5ee59ca371b99984232=
d7584fe2b1a758b4421d3

commit 5ee59ca371b99984232d7584fe2b1a758b4421d3
Author: Romain Geissler <romain.geissler@amadeus.com>
Date:   Mon Sep 25 01:21:51 2023 +0100

    Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30=
843]

    This patch fixes a very recently added leak in getaddrinfo.

    This was assigned CVE-2023-5156.

    Resolves: BZ #30884
    Related: BZ #30842

    Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
    (cherry picked from commit ec6b95c3303c700eb89eebeda2d7264cc184a796)

--=20
You are receiving this mail because:
You are on the CC list for the bug.=