On Wed, 2015-02-11 at 22:11 +0100, Aurelien Jarno wrote:
Control: notfound -1 eglibc 2.13-38+deb7u7
Control: fixed -1 eglibc/2.13-38+deb7u5
On 2015-01-29 23:53, Ben Hutchings wrote:
Control: retitle -1 libc6: getaddrinfo() sends DNS queries to random file
descriptors (CVE-2013-7423)
Control: notfound -1 eglibc 2.13-38+deb7u7
Control: fixed -1 eglibc/2.13-38+deb7u5
On 2015-01-29 23:53, Ben Hutchings wrote:
Control: retitle -1 libc6: getaddrinfo() sends DNS queries to random file
descriptors (CVE-2013-7423)
Control: forwarded -1
Control: retitle -1 libc6: getaddrinfo() sends DNS queries to random file
descriptors (CVE-2013-7423)
Control: forwarded -1 https://sourceware.org/bugzilla/show_bug.cgi?id=15946
Control: severity -1 serious
Control: found -1 eglibc 2.11.3-4+deb6u4
Control: found -1 eglibc 2.13-38+deb7u7
This bug
Package: libc6
Version: 2.13-38
Followup-For: Bug #722075
Hi there,
I was able to reproduce this bug with only calls to getaddrinfo, as my
getaddrinfo opens a NETLINK socket.
Here is a small c file leading you easily to the problem :
http://pastebin.com/cWZphPK7
It also mean that getaddrinfo
More informations on the bug:
I previously reported it here:
http://code.google.com/p/go/issues/detail?id=6336#c9 . At least 3
others have successfully reproduced the bug using the provided C code
on Debian, Archlinux (and maybe other unspecified distros).
I've failed reproducing it on some
Package: libc6
Version: 2.13-38
Severity: normal
Under high load, getaddrinfo() seems to start sending DNS queries to random
file descriptors.
If a process has opened connections to remote servers or clients, getaddrinfo()
may write DNS queries to these connections.
This has been noticed on a
6 matches
Mail list logo