ArchLinux: 201602-23: lib32-glibc: unbound stack usage
Summary
- CVE-2014-9761 (unbound stack usage) The nan, nanf and nanl functions no longer have unbounded stack usage depending on the length of the string passed as an argument to the functions.
Resolution
Upgrade to 2.23-1.
# pacman -Syu "lib32-glibc>=2.23-1"
The problem has been fixed upstream in version 2.23.
References
https://access.redhat.com/security/cve/CVE-2014-9761 https://seclists.org/oss-sec/2016/q1/153
Workaround
None.