Publishing details

• Published on 2024-06-29

Changelog

glibc (2.31-13+deb11u10) bullseye-security; urgency=medium

  * debian/patches/local-CVE-2024-33599-nscd.patch: Fix a stack-based buffer
    overflow in nscd netgroup cache (CVE-2024-33599).
  * debian/patches/local-CVE-2024-33600-nscd.patch: Fix a null pointer
    dereferences in nscd after failed netgroup cache insertion
    (CVE-2024-33600).
  * debian/patches/any/local-CVE-2024-33601-33602-nscd.patch: Fix a DoS in nscd
    in case of memory allocation failure (CVE-2024-33601) and a memory
    corruption in nscd when the underlying NSS callback function does not use
    the buffer space to store all strings (CVE-2024-33602).

 -- Aurelien Jarno <email address hidden>  Tue, 30 Apr 2024 23:57:11 +0200

Builds

Package files

• glibc_2.31-13+deb11u10.debian.tar.xz (943.1 KiB)
• glibc_2.31-13+deb11u10.dsc (8.2 KiB)
• glibc_2.31.orig.tar.xz (16.5 MiB)