1 |
type: security |
2 |
subject: Updated glibc packages fix security vulnerability |
3 |
CVE: |
4 |
- CVE-2015-5180 |
5 |
- CVE-2016-5417 |
6 |
src: |
7 |
5: |
8 |
core: |
9 |
- glibc-2.20-24.mga5 |
10 |
description: | |
11 |
Florian Weimer discovered a NULL pointer dereference in the DNS |
12 |
resolver of the GNU C Library. An attacker could use this to cause |
13 |
a denial of service (CVE-2015-5180). |
14 |
|
15 |
Tim Ruehsen discovered that the getaddrinfo() implementation in the |
16 |
GNU C Library did not properly track memory allocations. An attacker |
17 |
could use this to cause a denial of service (CVE-2016-5417). |
18 |
references: |
19 |
- https://bugs.mageia.org/show_bug.cgi?id=20552 |
20 |
ID: MGASA-2017-0091 |