-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3850-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk June 30, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : glibc Version : 2.28-10+deb10u4 CVE ID : CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 Multiple vulnerabilities have been fixed in the Name Service Cache Daemon that is built by the GNU C library and shipped in the nscd binary package. CVE-2024-33599 nscd: Stack-based buffer overflow in netgroup cache CVE-2024-33600 nscd: Null pointer crashes after notfound response CVE-2024-33601 nscd: Daemon may terminate on memory allocation failure CVE-2024-33602 nscd: Possible memory corruption For Debian 10 buster, these problems have been fixed in version 2.28-10+deb10u4. We recommend that you upgrade your glibc packages. For the detailed security status of glibc please refer to its security tracker page at: https://security-tracker.debian.org/tracker/glibc Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmaBZksACgkQiNJCh6LY mLFKQw//V2MGxuX6AE5Fg9kFzjU4ZlGAFBdiXDwQIK33HmR5fLAdVgNqGlDdJyOW Kq4g9e9IZMMPK5vEXJHHtLP5hqMdbSJ7jXHqBforzD1SqYJx3w83bBSpQvBb3ILF +3AsvQ3q/Fq0+76idZmB/uEr3PKoYAZaN5zGiA0eldqiM0vQVH3a8PNX6zIkm7IZ aEPHm6t2+x2SoV0GZ5Mn6lkjGwxiwDhfy3/7JAPinZnTMzY6/ADKqN/L7ttsdP5c MWlsF5ZNioPNAiimfZmdvxukJtCWrgklhMi55HqIFGCIMbojSIEMdJOItETZKKU6 61mVoMBAK4SYdquHvYt86LukSmImCxnSNG4Uk6OcBFr72VKHoR1YEJ9REiBxN2sV +KdFpYLmglJEIWiBObFdlvtvPGYjatKu4aY1g96OpqJi5Jw/EgQlhJenVf3BJcz/ QrRCqAL2BCbGAR66YlcaCI/x+9c7YG03Si+AQWPrDGdXiTGVFnHXJTssD5Z++H/J 7obzZdXnwPOGNA7pG0bypeIRrnCY0Ma5iDzB3sRQrBSiPU9vtOVRdNOsGA4IjI5f CV+kjvm83CAr27ZIYtNb795tLiuSMKLPN5Vw9BNo05nR291fti1sGsFhU7w2xGvI Lz8/7JwD2Xhk2Dqi2qMR3zA2wTd7+ELyoezlhHlQcRBox7aA16Q= =yPsb -----END PGP SIGNATURE-----