Sophie: glibc-6:2.22-26.mga6 src

glibc-2.22-26.mga6.src.rpm

From fc58942b399b240b939e160e164ce95da3cefd10 Mon Sep 17 00:00:00 2001
From: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
Date: Fri, 1 Apr 2016 15:58:16 -0300
Subject: [PATCH 52/65] NEWS: update from previous commit

---
 NEWS | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index a3dd3c7..8aa1206 100644
--- a/NEWS
+++ b/NEWS
@@ -25,7 +25,12 @@ Version 2.22.1
 
   17905, 18420, 18421, 18480, 18589, 18743, 18778, 18781, 18787, 18796,
   18870, 18887, 18921, 18928, 18969, 18985, 19003, 19018, 19058, 19174,
-  19178, 19590, 19682, 19791, 19822.
+  19178, 19590, 19682, 19791, 19822, 19879.
+
+* The getnetbyname implementation in nss_dns had a potentially unbounded
+  alloca call (in the form of a call to strdupa), leading to a stack
+  overflow (stack exhaustion) and a crash if getnetbyname is invoked
+  on a very long name.  (CVE-2016-3075)
 
 * The LD_POINTER_GUARD environment variable can no longer be used to
   disable the pointer guard feature.  It is always enabled.
-- 
2.7.4