diff options
| author | Xi Ruoyao <xry111@xry111.site> | 2023-09-13 14:31:39 +0800 |
|---|---|---|
| committer | Xi Ruoyao <xry111@xry111.site> | 2023-09-13 14:32:19 +0800 |
| commit | 48d8f5a51d5dfe58ac6d205fa7430f364225fab2 (patch) | |
| tree | f491e476e14b9fb4fa90a5d8d2003f536d2c7512 | |
| parent | c858ba4e17a445591520ddcea8b288b8e3d6db42 (diff) | |
glibc: Fix CVE-2023-4527
| -rw-r--r-- | chapter08/glibc.xml | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/chapter08/glibc.xml b/chapter08/glibc.xml index 3932a2147..c648fe129 100644 --- a/chapter08/glibc.xml +++ b/chapter08/glibc.xml @@ -55,6 +55,18 @@ <screen><userinput remap="pre">patch -Np1 -i ../&glibc-memalign-patch;</userinput></screen> + <!-- CVE-2023-4527 + https://sourceware.org/bugzilla/show_bug.cgi?id=30842 + https://sourceware.org/ml/libc-alpha/2023-September/151522.html --> + <para>Then fix a security vulnerability exploitable when the + <option>no-aaaa</option> option is used in + <filename>/etc/resolv.conf</filename>:</para> + +<screen><userinput remap="pre">sed \ + -E "/__res_context_search/\ + {N;N;s/(search \(([^,]*,){6}[^,]*)NULL/\1\&alt_dns_packet_buffer/}" \ + -i resolv/nss_dns/dns-host.c</userinput></screen> + <para>The Glibc documentation recommends building Glibc in a dedicated build directory:</para> |