3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/pkgs/development/libraries/glibc
Scott R. Parish 64f5845418 glibc: patch 2.23 for CVE-2016-3075, CVE-2016-1234, CVE-2016-3706
This addresses the following security advisories:

+ CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r
+ CVE-2016-1234: glob: buffer overflow with GLOB_ALTDIRFUNC due to incorrect
                 NAME_MAX limit assumption
+ CVE-2016-3706: getaddrinfo: stack overflow in hostent conversion

Patches cherry-picked from glibc's release/2.23/master branch.

The "glob-simplify-interface.patch" was a dependency for
"cve-2016-1234.patch".
2016-05-13 23:47:17 -07:00
..
builder.sh
common.nix
cve-2016-1234.patch
cve-2016-3075.patch
cve-2016-3706.patch
default.nix
dont-use-system-ld-so-cache.patch
dont-use-system-ld-so-preload.patch
fix_path_attribute_in_getconf.patch
glibc-crypt-blowfish.patch
glibc-remove-datetime-from-nscd.patch
glob-simplify-interface.patch
info.nix
locales-builder.sh
locales.nix
multi.nix
nix-locale-archive.patch
rpcgen-path.patch