Release date:
2026-04-14 14:17:13 UTC
Description:
- CVE-2026-4437: fix incorrect record counting in getanswer_ptr that allowed
iteration past the answer section boundary in DNS responses
- CVE-2026-4438: fix hostname validation checking expected_name instead of
name_buffer in getanswer_ptr, which could return invalid hostnames
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
