{"id":"MGASA-2016-0079","summary":"Updated glibc packages fix security vulnerabilities","details":"Updated glibc fixes the following security issues:\n\nA stack overflow (unbounded alloca) could have caused applications which\nprocess long strings with the nan function to crash or, potentially,\nexecute arbitrary code (CVE-2014-9761).\n\nA stack-based buffer overflow in getaddrinfo allowed remote attackers\nto cause a crash or execute arbitrary code via crafted and timed DNS\nresponses (CVE-2015-7547).\n\nOut-of-range time values passed to the strftime function may cause it\nto crash, leading to a denial of service, or potentially disclosure\ninformation (CVE-2015-8776).\n\nInsufficient checking of LD_POINTER_GUARD environment variable allowed\nlocal attackers to bypass the pointer guarding protection of the dynamic\nloader on set-user-ID and set-group-ID programs (CVE-2015-8777).\n\nInteger overflow in hcreate and hcreate_r could have caused an out-of-bound\nmemory access. leading to application crashes or, potentially, arbitrary \ncode execution (CVE-2015-8778).\n\nA stack overflow (unbounded alloca) in the catopen function could have\ncaused applications which pass long strings to the catopen function to\ncrash or, potentially execute arbitrary code (CVE-2015-8779).\n","modified":"2026-02-02T07:26:55.298119Z","published":"2016-02-19T08:40:43Z","related":["CVE-2014-9761","CVE-2015-7547","CVE-2015-8776","CVE-2015-8777","CVE-2015-8778","CVE-2015-8779"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0079.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17394"}],"affected":[{"package":{"name":"glibc","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/glibc?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.20-21.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0079.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}