fix:CVE-2023-5156

(cherry picked from commit 2d0047f66b878118bf88a0af202cb92ddeefad5e)

backport-CVE-2023-5156.patch

@@ -0,0 +1,29 @@
+From ec6b95c3303c700eb89eebeda2d7264cc184a796 Mon Sep 17 00:00:00 2001
+From: Romain Geissler <romain.geissler@amadeus.com>
+Date: Mon, 25 Sep 2023 01:21:51 +0100
+Subject: [PATCH] Fix leak in getaddrinfo introduced by the fix for
+ CVE-2023-4806 [BZ #30843]
+
+This patch fixes a very recently added leak in getaddrinfo.
+
+Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
+
+---
+ sysdeps/posix/getaddrinfo.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
+index 614ee39f..b3321913 100644
+--- a/sysdeps/posix/getaddrinfo.c
++++ b/sysdeps/posix/getaddrinfo.c
+@@ -1160,6 +1160,7 @@ gaih_inet (const char *name, const struct gaih_service *service,
+ 
+   if (res.malloc_h_name){
+     free (res.h_name);
++    res.malloc_h_name = false;
+   }
+ 
+   return result;
+-- 
+2.23.0
+

glibc.spec

@@ -62,7 +62,7 @@
 ##############################################################################
 Name: 	 	glibc
 Version: 	2.28
-Release: 	96
+Release: 	97
 Summary: 	The GNU libc libraries
 License:	%{all_license}
 URL: 		http://www.gnu.org/software/glibc/
@@ -159,6 +159,7 @@ Patch72: gmon-Fix-allocated-buffer-overflow-bug-29444.patch
 Patch73: mips-Fix-argument-passing-for-inlined-syscalls-on-Linux-BZ-25523.patch
 Patch74: backport-CVE-2023-4813.patch
 Patch75: backport-CVE-2023-4806.patch
+Patch76: backport-CVE-2023-5156.patch
 
 Provides: ldconfig rtld(GNU_HASH) bundled(gnulib)
 
@@ -1218,6 +1219,9 @@ fi
 %endif
 
 %changelog
+* Tue Sep 26 2023 zhanghao <zhanghao383@huawei.com> - 2.28-97
+- nss:fix CVE-2023-5156
+
 * Mon Sep 25 2023 zhanghao <zhanghao383@huawei.com> - 2.28-96
 - nss:fix CVE-2023-4806 CVE-2023-5156