CVE-2015-0235 glibc: __nss_hostname_digits_dots() heap-based buffer overflow

Bug 1183461: A heap-based buffer overflow was found in __nss_hostname_digits_dots(), which is used by the gethostbyname() and gethostbyname2() glibc function call. A remote attacker could use this flaw to execute arbitary code with the permissions of the user running the application.

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235

http://www.frsag.org/pipermail/frsag/2015-January/005722.html

https://sourceware.org/git/?p=glibc.git;a=commit;h=d5dd6189d506068ed11c8bfa1e1e9bffde04decd