Ubuntu
eglibc package

  1. Bug #1719959
  2. Comment #1

Comment 1 for bug 1719959

Revision history for this message
Florian Weimer (fweimer) wrote :

Looks like this issue

  https://sourceware.org/bugzilla/show_bug.cgi?id=21336#c16

Quoting:

The announcement of CVE-2015-7547 said:


- Always malloc the second response buffer if needed.

  - Requires fix for sourceware bug 16574 to avoid memory leak.
    commit d668061994a7486a3ba9c7d5e7882d85a2883707
    commit ab09bf616ad527b249aca5f2a4956fd526f0712f

<https://www.sourceware.org/ml/libc-alpha/2016-02/msg00416.html>

Coincidentally, this regression originally delayed the disclosure of CVE-2015-7547. The upstream glibc 2.19 branch already had the fix for bug 16574 when CVE-2015-7547 was fixed, but our downstream 2.12 and 2.17 branches still needed it.

If you have you own resolv backports, you should really try to get a valgrind-clean pass with the external resolv test suite:

<https://pagure.io/glibc-resolv-tests>