advisories/20552.adv

type: security
subject: Updated glibc packages fix security vulnerability
CVE:
 - CVE-2015-5180
 - CVE-2016-5417
src:
  5:
   core:
     - glibc-2.20-24.mga5
description: |
  Florian Weimer discovered a NULL pointer dereference in the DNS
  resolver of the GNU C Library. An attacker could use this to cause
  a denial of service (CVE-2015-5180).

  Tim Ruehsen discovered that the getaddrinfo() implementation in the
  GNU C Library did not properly track memory allocations. An attacker
  could use this to cause a denial of service (CVE-2016-5417).
references:
 - https://bugs.mageia.org/show_bug.cgi?id=20552
ID: MGASA-2017-0091
1	type: security
2	subject: Updated glibc packages fix security vulnerability
3	CVE:
4	- CVE-2015-5180
5	- CVE-2016-5417
6	src:
7	5:
8	core:
9	- glibc-2.20-24.mga5
10	description: \|
11	Florian Weimer discovered a NULL pointer dereference in the DNS
12	resolver of the GNU C Library. An attacker could use this to cause
13	a denial of service (CVE-2015-5180).
14
15	Tim Ruehsen discovered that the getaddrinfo() implementation in the
16	GNU C Library did not properly track memory allocations. An attacker
17	could use this to cause a denial of service (CVE-2016-5417).
18	references:
19	- https://bugs.mageia.org/show_bug.cgi?id=20552
20	ID: MGASA-2017-0091