[Git][glibc-team/glibc][bullseye-security] 4 commits: debian/patches/local-CVE-2024-33599-nscd.patch: Fix a stack-based buffer...

To: debian-glibc@lists.debian.org

Subject: [Git][glibc-team/glibc][bullseye-security] 4 commits: debian/patches/local-CVE-2024-33599-nscd.patch: Fix a stack-based buffer...

From: "Aurelien Jarno (@aurel32)" <aurel32@debian.org>

Date: Tue, 30 Apr 2024 21:59:41 +0000

Message-id: <[🔎] 663169cd37079_2070d715bc8d1413064df@godard.mail>

Reply-to: aurel32@debian.org

Title: GitLab

Aurelien Jarno pushed to branch bullseye-security at GNU Libc Maintainers / glibc

Commits:

08dcff14

by Aurelien Jarno at 2024-04-30T23:22:04+02:00

debian/patches/local-CVE-2024-33599-nscd.patch: Fix a stack-based buffer overflow in nscd netgroup cache (CVE-2024-33599).

b2d2f5f6

by Aurelien Jarno at 2024-04-30T23:22:51+02:00

debian/patches/local-CVE-2024-33600-nscd.patch: Fix a null pointer dereferences in nscd after failed netgroup cache insertion (CVE-2024-33600).

7344d1e3

by Aurelien Jarno at 2024-04-30T23:23:28+02:00

debian/patches/any/local-CVE-2024-33601-33602-nscd.patch: Fix a DoS in nscd in case of memory allocation failure (CVE-2024-33601) and a memory corruption in nscd when the underlying NSS callback function does not use the buffer space to store all strings (CVE-2024-33602).

b716d81b
by Aurelien Jarno at 2024-04-30T23:57:25+02:00
```
releasing package glibc version 2.31-13+deb11u10
```

5 changed files:

Reply to: