CVE-2015-7547: getaddrinfo() stack-based buffer overflow

Dominique Jullier doj at
Wed Feb 17 16:22:00 UTC 2016

Hello all,

Are they any thoughts around, how to handle yesterday's glibc
vulnerability[1][2] from the side bind? 

Since it is a rather painful task in order to update all hosts to a new
version of glibc, we were thinking about other possible workarounds.

Any ideas how to drop non-compliant responses in bind? I.e. with an
extension/adaptation of bind?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3905 bytes
Desc: not available
URL: <>

More information about the bind-users mailing list