projects / glibc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bf7efbc) | patch
local-CVE-2024-33599-nscd
authorGNU Libc Maintainers <debian-glibc@lists.debian.org>
Tue, 30 Apr 2024 21:57:11 +0000 (23:57 +0200)
committerAurelien Jarno <aurel32@debian.org>
Tue, 30 Apr 2024 21:57:11 +0000 (23:57 +0200)
commitaa36ac82dbc1d6a0eff03d709cce8036914f9850
treece4990a55f6be7dbe52fe08f420106869da262abtree | snapshot
parentbf7efbc346587fdfe3b28da034e01f93b414c8b1commit | diff
local-CVE-2024-33599-nscd

commit 69c58d5ef9f584ea198bd00f7964d364d0e6b921
Author: Florian Weimer <fweimer@redhat.com>
Date:   Thu Apr 25 15:00:45 2024 +0200

    CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)

    Using alloca matches what other caches do.  The request length is
    bounded by MAXKEYLEN.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
    (cherry picked from commit 87801a8fd06db1d654eea3e4f7626ff476a9bdaa)

Gbp-Pq: Topic any
Gbp-Pq: Name local-CVE-2024-33599-nscd.patch
nscd/netgroupcache.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.