glibc "getaddrinfo() writes DNS queries to random file descriptors under high load" https://sourceware.org/bugzilla/show_bug.cgi?id=15946 … "Fixed in 2.20", reopened, CVE?
-
-
@RichFelker To me, this message says that the bug still being reproducible on glibc 2.20 is a false positive, but the fix in 2.20 was neededThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@RichFelker Someone should run the corrected testcase on pre-2.20 to see if the issue was reproducible before the fix or not -
@solardiz I followed up and it looks like that's been done and the corrected testcase still detects the pre-fix bug. -
@RichFelker Thanks! Can you post a follow-up to the oss-security thread? http://www.openwall.com/lists/oss-security/2015/01/29/7 …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.