UbuntuUpdates.org

Package "nscd"

Name: nscd

Description:

GNU C Library: Name Service Cache Daemon
Latest version: 2.42-0ubuntu3.1
Release: questing (25.10)
Level: security
Repository: universe
Head package: glibc
Homepage: https://www.gnu.org/software/libc/libc.html

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "nscd"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "nscd" in Questing

Repository Area Version
base universe 2.42-0ubuntu3
updates universe 2.42-0ubuntu3.1

Changelog

Version: 2.42-0ubuntu3.1 2026-02-03 09:08:20 UTC

  glibc (2.42-0ubuntu3.1) questing-security; urgency=medium

  * SECURITY UPDATE: use-after-free in wordexp_t fields
    - debian/patches/CVE-2025-15281.patch: posix: Reset wordexp_t fields
      with WRDE_REUSE
    - CVE-2025-15281
  * SECURITY UPDATE: integer overflow in memalign
    - debian/patches/CVE-2026-0861.patch: memalign: reinstate alignment
      overflow check
    - CVE-2026-0861
  * SECURITY UPDATE: memory leak in NSS DNS
    - debian/patches/CVE-2026-0915.patch: resolv: Fix NSS DNS backend for
      getnetbyaddr
    - CVE-2026-0915

 -- Nishit Majithia <email address hidden> Fri, 30 Jan 2026 13:59:18 +0530
CVE-2025-15281 Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return un
CVE-2026-0861 Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42
CVE-2026-0915 Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-v


About   -   Send Feedback to @ubuntu_updates