| Name | CVE-2013-4357 |
| Description | The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DLA-165-1 |
| Debian Bugs | 742925 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| eglibc | source | squeeze | 2.11.3-4+deb6u5 | DLA-165-1 | ||
| eglibc | source | wheezy | 2.13-38+deb7u6 | |||
| eglibc | source | (unstable) | 2.17-1 | unimportant | 742925 |
http://sourceware.org/bugzilla/show_bug.cgi?id=12671
https://bugzilla.redhat.com/show_bug.cgi?id=797096
https://sourceware.org/git/?p=glibc.git;a=commit;h=f2962a71959fd254a7a223437ca4b63b9e81130c
https://sourceware.org/git/?p=glibc.git;a=commit;h=34a9094f49241ebb72084c536cf468fd51ebe3ec
https://sourceware.org/git/?p=glibc.git;a=commit;h=c8fc0c91695b1c7003c7170861274161f9224817
Fixed upstream in 2.14