Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -21,6 +21,12 @@ Security related changes: heap and prints it to the target log file, potentially revealing a portion of the contents of the heap. + CVE-2023-4527: If the system is configured in no-aaaa mode via + /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address + family, and a DNS response is received over TCP that is larger than + 2048 bytes, getaddrinfo may potentially disclose stack contents via + the returned address data, or crash. + The following bugs are resolved with this release: [12154] Do not fail DNS resolution for CNAMEs which are not host names @@ -65,6 +71,7 @@ The following bugs are resolved with this release: [30477] libc: [RISCV]: time64 does not work on riscv32 [30515] _dl_find_object incorrectly returns 1 during early startup [30785] Always call destructors in reverse constructor order + [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) Version 2.36 |
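Review bot: In the CVE-2023-4527 paragraph of the first hunk, "may potentially disclose" doubles the hedge, and the trigger is given only as "no-aaaa mode via /etc/resolv.conf" without naming the setting an administrator would look for. Suggest "getaddrinfo may disclose stack contents via the returned address data, or crash", and spelling out the resolv.conf option so readers can check their own configuration against the three conditions that must hold together (no-aaaa enabled, an AF_UNSPEC lookup, a TCP response larger than 2048 bytes). The entry also gives no affected-version range or workaround; if turning off no-aaaa avoids the issue, one sentence saying so would make the notice actionable.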