public inbox for glibc-cvs@sourceware.org help / color / mirror / Atom feed
From: Dmitry Levin <ldv@sourceware.org> To: glibc-cvs@sourceware.org Subject: [glibc/release/2.32/master] NEWS: Mention CVE-2021-27645 Date: Fri, 7 Oct 2022 08:20:17 +0000 (GMT) [thread overview] Message-ID: <20221007082017.9D0C43853559@sourceware.org> (raw) https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=aa510aa2767b9aff0401a62718e2cf93f745fb0d commit aa510aa2767b9aff0401a62718e2cf93f745fb0d Author: DJ Delorie <dj@redhat.com> Date: Wed Mar 3 14:52:57 2021 -0500 NEWS: Mention CVE-2021-27645 (cherry picked from commit 24eb3be5db5befefe4bcf0f438bf6629a9c3a608) Diff: --- NEWS | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/NEWS b/NEWS index ddbe2733ff..7bd476deb6 100644 --- a/NEWS +++ b/NEWS @@ -22,6 +22,11 @@ Security related changes: converted output contains a combined sequence of two wide characters crossing a buffer boundary. Reported by Tavis Ormandy. + CVE-2021-27645: The nameserver caching daemon (nscd), when processing + a request for netgroup lookup, may crash due to a double-free, + potentially resulting in degraded service or Denial of Service on the + local system. Reported by Chris Schanzle. + CVE-2021-33574: The mq_notify function has a potential use-after-free issue when using a notification type of SIGEV_THREAD and a thread attribute with a non-default affinity mask.
reply other threads:[~2022-10-07 8:20 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20221007082017.9D0C43853559@sourceware.org \ --to=ldv@sourceware.org \ --cc=glibc-cvs@sourceware.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).