public inbox for glibc-cvs@sourceware.org
help / color / mirror / Atom feed
From: Dmitry Levin <ldv@sourceware.org>
To: glibc-cvs@sourceware.org
Subject: [glibc/release/2.32/master] NEWS: Mention CVE-2021-27645
Date: Fri,  7 Oct 2022 08:20:17 +0000 (GMT)	[thread overview]
Message-ID: <20221007082017.9D0C43853559@sourceware.org> (raw)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=aa510aa2767b9aff0401a62718e2cf93f745fb0d

commit aa510aa2767b9aff0401a62718e2cf93f745fb0d
Author: DJ Delorie <dj@redhat.com>
Date:   Wed Mar 3 14:52:57 2021 -0500

    NEWS: Mention CVE-2021-27645
    
    (cherry picked from commit 24eb3be5db5befefe4bcf0f438bf6629a9c3a608)

Diff:
---
 NEWS | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/NEWS b/NEWS
index ddbe2733ff..7bd476deb6 100644
--- a/NEWS
+++ b/NEWS
@@ -22,6 +22,11 @@ Security related changes:
   converted output contains a combined sequence of two wide characters
   crossing a buffer boundary.  Reported by Tavis Ormandy.
 
+  CVE-2021-27645: The nameserver caching daemon (nscd), when processing
+  a request for netgroup lookup, may crash due to a double-free,
+  potentially resulting in degraded service or Denial of Service on the
+  local system.  Reported by Chris Schanzle.
+
   CVE-2021-33574: The mq_notify function has a potential use-after-free
   issue when using a notification type of SIGEV_THREAD and a thread
   attribute with a non-default affinity mask.

                 reply	other threads:[~2022-10-07  8:20 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221007082017.9D0C43853559@sourceware.org \
    --to=ldv@sourceware.org \
    --cc=glibc-cvs@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).