AVG-369 log

Package lib32-glibc
Status Fixed
Severity Critical
Type multiple issues
Affected 2.25-7
Fixed 2.26-1
Current 2.40+r16+gaa533d58ff-2 [core]
Ticket None
Created Wed Aug 2 15:26:29 2017
Issue Severity Remote Type Description
CVE-2017-12133 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found the GNU C Library (aka glibc or libc6) before version 2.26, in clntudp_call in the Sun RPC system.
CVE-2017-12132 Medium Yes Content spoofing
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from...