Source: glibc Severity: important Please see this blog posting from Chris Evans: https://scarybeastsecurity.blogspot.com/2017/05/further-hardening-glibc-malloc-against.html
Upstream fix is here: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=17f487b7afa7cd6c316040f3e6c86dc96b2eec30 Could we backport this to stretch? (And to a jessie point update after it has settled a bit in testing/sid?) Cheers, Moritz