15884, 16469, 16617, 16619, 16657, 16740, 16857, 17192, 17266, 17344,
17363, 17370, 17371, 17411, 17460, 17475, 17485, 17501, 17506, 17508,
17522, 17555, 17570, 17571, 17572, 17573, 17574, 17581, 17582, 17583,
- 17584, 17585, 17589, 17594, 17601, 17608, 17616, 17625, 17633, 17634,
- 17647, 17653, 17657, 17664, 17665, 17668, 17682.
+ 17584, 17585, 17589, 17594, 17601, 17608, 17616, 17625, 17630, 17633,
+ 17634, 17647, 17653, 17657, 17664, 17665, 17668, 17682.
* CVE-2104-7817 The wordexp function could ignore the WRDE_NOCMD flag
under certain input conditions resulting in the execution of a shell for
* CVE-2012-3406 printf-style functions could run into a stack overflow when
processing format strings with a large number of format specifiers.
+* The nss_dns implementation of getnetbyname could run into an infinite loop
+ if the DNS response contained a PTR record of an unexpected format.
+
* The minimum GCC version that can be used to build this version of the GNU
C Library is GCC 4.6. Older GCC versions, and non-GNU compilers, can
still be used to compile programs using the GNU C Library.