public inbox for glibc-cvs@sourceware.org
help / color / mirror / Atom feed
* [glibc/release/2.32/master] NEWS: Mention CVE-2021-27645
@ 2022-10-07 8:20 Dmitry Levin
0 siblings, 0 replies; only message in thread
From: Dmitry Levin @ 2022-10-07 8:20 UTC (permalink / raw)
To: glibc-cvs
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=aa510aa2767b9aff0401a62718e2cf93f745fb0d
commit aa510aa2767b9aff0401a62718e2cf93f745fb0d
Author: DJ Delorie <dj@redhat.com>
Date: Wed Mar 3 14:52:57 2021 -0500
NEWS: Mention CVE-2021-27645
(cherry picked from commit 24eb3be5db5befefe4bcf0f438bf6629a9c3a608)
Diff:
---
NEWS | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/NEWS b/NEWS
index ddbe2733ff..7bd476deb6 100644
--- a/NEWS
+++ b/NEWS
@@ -22,6 +22,11 @@ Security related changes:
converted output contains a combined sequence of two wide characters
crossing a buffer boundary. Reported by Tavis Ormandy.
+ CVE-2021-27645: The nameserver caching daemon (nscd), when processing
+ a request for netgroup lookup, may crash due to a double-free,
+ potentially resulting in degraded service or Denial of Service on the
+ local system. Reported by Chris Schanzle.
+
CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-10-07 8:20 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-10-07 8:20 [glibc/release/2.32/master] NEWS: Mention CVE-2021-27645 Dmitry Levin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).