CVE-2015-7547: stack-based buffer overflow in glibc's getaddrinfo function

[Florian Weimer <fweimer () redhat com>]

Hi,

today, we are disclosing a vulnerability in the nss_dns backend for
getaddrinfo, related to handling dual A/AAAA queries:

The security impact of this issue was discovered roughly at the same
time by the Google Security Team and Red Hat.

Background information:

  https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html

https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html

Thanks,
Florian