| Message ID | cover.1777546194.git.fweimer@redhat.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <libc-alpha-bounces~patchwork=sourceware.org@sourceware.org> X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from vm01.sourceware.org (localhost [127.0.0.1]) by sourceware.org (Postfix) with ESMTP id 3ECE5436A048 for <patchwork@sourceware.org>; Thu, 30 Apr 2026 10:52:10 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3ECE5436A048 Authentication-Results: sourceware.org; dkim=pass (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=SJNFKb9E X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTP id 824EB4371D64 for <libc-alpha@sourceware.org>; Thu, 30 Apr 2026 10:51:40 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 824EB4371D64 Authentication-Results: sourceware.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 824EB4371D64 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1777546300; cv=none; b=UCDkQuKvxfejQpsn4AVT9hnBiqzN53RiMcXRa4e2baI5yrLEPX20/UgI0hJyO1YifxY8EZmoF+RhZbRYUkH9PnXdWnYMvcpF8jrI27qskpPhmeM156PgASi3elVAHLSwK2IVuJwN0oCNT0Hc+BvP2pEQ5aFqlGleGpYlJoH8Irk= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1777546300; c=relaxed/simple; bh=Kra5ImuYlMRO0dlFoi0bRxVPcrZ0B6rzZnSsKVckkl8=; h=DKIM-Signature:From:To:Subject:Message-ID:Date:MIME-Version; b=a2UOqBMUmPVFBestX6wUUdkDCmcBFl5TH3A/AJkxyr8KuqbV7AC27r8AsO8Bfk0Nnb4PhZiTx+zkl1189/dFU3LUPuTfirEpp9OWXcbusg8TLToctd6IJXX/dAPUdYfJJlKRuEviQQTUocLn7Te8/sdiVnlg+IyjY8DWRsgNQN4= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 824EB4371D64 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1777546300; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=HZanmWBU8YRBbVECoOym5/B05i6Aq6DQrj9AD88e88M=; b=SJNFKb9E4Xwr9nl2GwDdc9IBxxkzmrA5WV92/mcQnhaKHIZ94YWm/G2/+piiipPwCQltEK CpenuSMz0QL2WVKY1wQmEfW6PGoB3l5B/P0hj45tuIe1gB+XeDD+aBG1x20NeNjCN2LHzf UBxTjcxxmvwZWwU+/aVbRSvHwDDg+fE= Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-478-knitDXxiNA272lySFpU4GQ-1; Thu, 30 Apr 2026 06:51:38 -0400 X-MC-Unique: knitDXxiNA272lySFpU4GQ-1 X-Mimecast-MFC-AGG-ID: knitDXxiNA272lySFpU4GQ_1777546298 Received: from mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.111]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 00D3E18004AD for <libc-alpha@sourceware.org>; Thu, 30 Apr 2026 10:51:38 +0000 (UTC) Received: from fweimer-oldenburg.csb.redhat.com (unknown [10.44.48.4]) by mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 4D6161800446 for <libc-alpha@sourceware.org>; Thu, 30 Apr 2026 10:51:36 +0000 (UTC) From: Florian Weimer <fweimer@redhat.com> To: libc-alpha@sourceware.org Subject: [PATCH 0/5] Fixes for CVE-2026-5435, CVE-2026-6238 Message-ID: <cover.1777546194.git.fweimer@redhat.com> X-From-Line: c0191a0afbfd6837bc7bc1b2695eaacf3e41b0fe Mon Sep 17 00:00:00 2001 Date: Thu, 30 Apr 2026 12:51:34 +0200 User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.111 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: 9hDoR_7hLbtqXYoNeq6dZXHcpd9iNnuET2GarWPwKPg_1777546298 X-Mimecast-Originator: redhat.com Content-Type: text/plain X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H5, RCVD_IN_MSPIKE_WL, SPF_HELO_PASS, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org> List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe> List-Archive: <https://sourceware.org/pipermail/libc-alpha/> List-Post: <mailto:libc-alpha@sourceware.org> List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help> List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=subscribe> Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org |
| Series |
Fixes for CVE-2026-5435, CVE-2026-6238
|
|
Message
Florian Weimer
April 30, 2026, 10:51 a.m. UTC
CVE-2026-6238 has multiple vulnerable commits across different glibc
versions. Technically, this means the CVE ID should be SPLIT. I'm not
sure if this is worthwhile because I doubt people care about glibc
before version 2.7.
Thanks,
Florian
Florian Weimer (5):
Update GLIBC-SA-2026-0012 to mention A6 records
resolv: Check for inet_ntop failure in ns_sprintrrf
resolv: Remove incorrect parts of TSIG handling from ns_sprintrrf
(CVE-2026-5435)
resolv: Fix buffer overreads in ns_sprintrrf (CVE-2026-6238)
resolv: Add test case tst-ns_sprintrr (bug 34033, bug 34069)
advisories/GLIBC-SA-2026-0012 | 4 +-
resolv/Makefile | 2 +
resolv/ns_print.c | 46 ++---
resolv/tst-ns_sprintrr.c | 322 ++++++++++++++++++++++++++++++++++
4 files changed, 352 insertions(+), 22 deletions(-)
create mode 100644 resolv/tst-ns_sprintrr.c
base-commit: dbc2b380fac027fed5db6ae864e4accf9f82a3fd
Comments
* Florian Weimer: > CVE-2026-6238 has multiple vulnerable commits across different glibc > versions. Technically, this means the CVE ID should be SPLIT. I'm not > sure if this is worthwhile because I doubt people care about glibc > before version 2.7. > > Thanks, > Florian > > Florian Weimer (5): > Update GLIBC-SA-2026-0012 to mention A6 records > resolv: Check for inet_ntop failure in ns_sprintrrf > resolv: Remove incorrect parts of TSIG handling from ns_sprintrrf > (CVE-2026-5435) > resolv: Fix buffer overreads in ns_sprintrrf (CVE-2026-6238) > resolv: Add test case tst-ns_sprintrr (bug 34033, bug 34069) > > advisories/GLIBC-SA-2026-0012 | 4 +- > resolv/Makefile | 2 + > resolv/ns_print.c | 46 ++--- > resolv/tst-ns_sprintrr.c | 322 ++++++++++++++++++++++++++++++++++ > 4 files changed, 352 insertions(+), 22 deletions(-) > create mode 100644 resolv/tst-ns_sprintrr.c > > > base-commit: dbc2b380fac027fed5db6ae864e4accf9f82a3fd Ping. I'd appreciate review of this security fix. <https://inbox.sourceware.org/libc-alpha/cover.1777546194.git.fweimer@redhat.com> Thanks, Florian