Dmitry, thanks for the analysis. It looks like the conversion to using gethostbyname4_r for PF_UNSPEC only was for https://sourceware.org/bugzilla/show_bug.cgi?id=14505 (glibc git commit https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=8479f23aa1d5e5477a37f46823856bdafaedfa46 ). This change is in 14.04's (trusty) libc, but not 12.04 (precise).
Can people confirm that they're only seeing this on 12.04? The reason I ask is that the exact same patch for CVE-2016-3706 was applied in 14.04 as well as 12.04.
Using both the testcase you posted in the upstream glibc bug report and the reproducer from upstream #14505, I am now able to reproduce this with the libc 2.15-0ubuntu10.17 from precise, and confirm that things behaved correctly with eglibc 2.15-0ubuntu10.15. I also get correct results with eglibc 2.19-0ubuntu6.11 in 14.04.
At this point I'm inclined to revert the fix for CVE-2016-3706 for 12.04 as a less risky option, despite the appreciated effort you've taken, Dmitry, to come up with a patch to fix the issue. There is an eglibc package for precise that has that revert building in the ubuntu-security-proposed ppa https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/ and I would very much appreciate any testing you can give it.
Thanks, and my apologies for how this update has gone.