| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-CVE-2016-10151-Use-secure_getenv-when-it-s-available.patch | CVE-2016-10151: Use secure_getenv() when it's available. Factor out logic that attempts to only consult the environment when it's safe to do so into its own function, and use secure_getenv() instead of getenv() if it's available. https://github.com/achernya/hesiod/commit/39b21dac9bc6473365de04d94be0da94941c7c73 |
"Dr. Tobias Quathamer" <toddy@debian.org> | no | 2019-02-13 | ||
| 0002-CVE-2016-10152-Remove-hard-coded-defaults-for-LHS-an.patch | CVE-2016-10152: Remove hard-coded defaults for LHS and RHS. Don't fall back to using a default LHS or RHS when the configuration file can't be read. Instead, return an error. https://github.com/achernya/hesiod/commit/247e2ce1f2aff40040657acaae7f1a1d673d6618 |
"Dr. Tobias Quathamer" <toddy@debian.org> | no | 2019-02-13 |