slackware-current/source/l/glibc/patches/CVE-2021-27645.patch

--- ./nscd/netgroupcache.c.orig	2021-08-07 13:20:02.459057859 -0500
+++ ./nscd/netgroupcache.c	2021-08-07 13:22:08.983060689 -0500
@@ -248,7 +248,7 @@
 					     : NULL);
 				    ndomain = (ndomain ? newbuf + ndomaindiff
 					       : NULL);
-				    buffer = newbuf;
+				    *tofreep = buffer = newbuf;
 				  }
 
 				nhost = memcpy (buffer + bufused,
@@ -319,7 +319,7 @@
 		    else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE)
 		      {
 			buflen *= 2;
-			buffer = xrealloc (buffer, buflen);
+			*tofreep = buffer = xrealloc (buffer, buflen);
 		      }
 		    else if (status == NSS_STATUS_RETURN
 			     || status == NSS_STATUS_NOTFOUND
Sat Aug 7 19:04:04 UTC 2021 a/aaa_glibc-solibs-2.33-x86_64-3.txz: Rebuilt. a/usbutils-014-x86_64-1.txz: Upgraded. ap/mariadb-10.6.4-x86_64-1.txz: Upgraded. ap/nvme-cli-1.15-x86_64-1.txz: Upgraded. l/glibc-2.33-x86_64-3.txz: Rebuilt. Since glibc-2.34 makes a potentially risky change of moving all functions into the main library, and another inconvenient (for us) change of renaming the library files, we'll stick with glibc-2.33 for Slackware 15.0 and test the newer glibc in the next release cycle. But we'll backport the security fixes from glibc-2.34 with this update: The nameserver caching daemon (nscd), when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. Reported by Chris Schanzle. The mq_notify function has a potential use-after-free issue when using a notification type of SIGEV_THREAD and a thread attribute with a non-default affinity mask. The wordexp function may overflow the positional parameter number when processing the expansion resulting in a crash. Reported by Philippe Antoine. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942 (* Security fix *) l/glibc-i18n-2.33-x86_64-3.txz: Rebuilt. l/glibc-profile-2.33-x86_64-3.txz: Rebuilt. l/liburing-2.0-x86_64-1.txz: Added. This is needed by mariadb, and provides increased performance on high speed devices such as NVMe. n/dovecot-2.3.16-x86_64-1.txz: Upgraded. xap/blueman-2.2.2-x86_64-1.txz: Upgraded. 2021-08-07 21:04:04 +02:00			`--- ./nscd/netgroupcache.c.orig 2021-08-07 13:20:02.459057859 -0500`
			`+++ ./nscd/netgroupcache.c 2021-08-07 13:22:08.983060689 -0500`
			`@@ -248,7 +248,7 @@`
			`: NULL);`
			`ndomain = (ndomain ? newbuf + ndomaindiff`
			`: NULL);`
			`- buffer = newbuf;`
			`+ *tofreep = buffer = newbuf;`
			`}`

			`nhost = memcpy (buffer + bufused,`
			`@@ -319,7 +319,7 @@`
			`else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE)`
			`{`
			`buflen *= 2;`
			`- buffer = xrealloc (buffer, buflen);`
			`+ *tofreep = buffer = xrealloc (buffer, buflen);`
			`}`
			`else if (status == NSS_STATUS_RETURN`
			`\|\| status == NSS_STATUS_NOTFOUND`