Debian Security Advisory

DLA-230-1 eglibc -- LTS security update

Date Reported:

27 May 2015

Affected Packages:

eglibc

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2015-1781.

More information:

Arjun Shankar of Red Hat discovered that gethostbyname_r and related functions compute the size of an input buffer incorrectly if the passed-in buffer is misaligned. This results in a buffer overflow.

For the oldoldstable distribution (squeeze), this problem has been fixed in version 2.11.3-4+deb6u6.

This page is also available in the following languages:

français Русский (Russkij)

How to set the default document language

To report a problem with the web site, please e-mail our publicly archived mailing list debian-www@lists.debian.org in English. For other contact information, see the Debian contact page. Web site source code is available.

Last Modified: Sat, Feb 9 03:24:58 UTC 2019 Last Built: Sun, May 10 03:37:37 UTC 2020
Copyright © 2015-2020 SPI and others; See license terms
Debian is a registered trademark of Software in the Public Interest, Inc.