projects / glibc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ef899d5) | patch
local-CVE-2024-33599-nscd
authorGNU Libc Maintainers <debian-glibc@lists.debian.org>
Tue, 30 Apr 2024 21:07:28 +0000 (23:07 +0200)
committerAurelien Jarno <aurel32@debian.org>
Tue, 30 Apr 2024 21:07:28 +0000 (23:07 +0200)
commit81c41043e8f3bb318ec8372123f2ed7adc7ef599
tree41a1b731e44dd583217ea7e82776fce5fd54d5d1tree | snapshot
parentef899d5c4144b4f6f082952a4de0d6de7cebc3ddcommit | diff
local-CVE-2024-33599-nscd

commit caa3151ca460bdd9330adeedd68c3112d97bffe4
Author: Florian Weimer <fweimer@redhat.com>
Date:   Thu Apr 25 15:00:45 2024 +0200

    CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)

    Using alloca matches what other caches do.  The request length is
    bounded by MAXKEYLEN.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
    (cherry picked from commit 87801a8fd06db1d654eea3e4f7626ff476a9bdaa)

Gbp-Pq: Topic any
Gbp-Pq: Name local-CVE-2024-33599-nscd.diff
nscd/netgroupcache.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.