NIXPKGS-2026-0026 published on 17 Jan 2026 CVE-2026-0915 updated 5 days, 5 hours ago by @LeSuisse Activity log Created automatic suggestion 5 days, 18 hours ago @LeSuisse removed 24 packages iconv getent locale libc mtrace getconf libiconv glibcInfo glibc_multi glibcLocales glibc_memusage glibcLocalesUtf8 unixtools.getent unixtools.locale unixtools.getconf tests.hardeningFlags-gcc.glibcxxassertionsStdenvUnsupp tests.hardeningFlags-clang.glibcxxassertionsStdenvUnsupp tests.hardeningFlags-clang.allExplicitDisabledGlibcxxAssertions tests.hardeningFlags-gcc.allExplicitDisabledGlibcxxAssertions tests.hardeningFlags-clang.glibcxxassertionsExplicitDisabled tests.hardeningFlags-clang.glibcxxassertionsExplicitEnabled tests.hardeningFlags-gcc.glibcxxassertionsExplicitDisabled tests.hardeningFlags.allExplicitDisabledGlibcxxAssertions tests.hardeningFlags-gcc.glibcxxassertionsExplicitEnabled 5 days, 5 hours ago @LeSuisse accepted as draft 5 days, 5 hours ago @LeSuisse published on GitHub 5 days, 5 hours ago getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resovler Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver. Affected products glibc =<2.42 Matching in nixpkgs pkgs.glibc GNU C Library nixos-unstable 2.40-66 nixpkgs-unstable 2.40-66 nixos-unstable-small 2.40-66 nixos-25.05 2.40-66 nixos-25.05-small 2.40-66 nixpkgs-25.05-darwin 2.40-66 Package maintainers: 2 @ConnorBaker Connor Baker <ConnorBaker01@gmail.com> @Ma27 Maximilian Bosch <maximilian@mbosch.me>
CVE-2026-0915 updated 5 days, 5 hours ago by @LeSuisse Activity log Created automatic suggestion 5 days, 18 hours ago @LeSuisse removed 24 packages iconv getent locale libc mtrace getconf libiconv glibcInfo glibc_multi glibcLocales glibc_memusage glibcLocalesUtf8 unixtools.getent unixtools.locale unixtools.getconf tests.hardeningFlags-gcc.glibcxxassertionsStdenvUnsupp tests.hardeningFlags-clang.glibcxxassertionsStdenvUnsupp tests.hardeningFlags-clang.allExplicitDisabledGlibcxxAssertions tests.hardeningFlags-gcc.allExplicitDisabledGlibcxxAssertions tests.hardeningFlags-clang.glibcxxassertionsExplicitDisabled tests.hardeningFlags-clang.glibcxxassertionsExplicitEnabled tests.hardeningFlags-gcc.glibcxxassertionsExplicitDisabled tests.hardeningFlags.allExplicitDisabledGlibcxxAssertions tests.hardeningFlags-gcc.glibcxxassertionsExplicitEnabled 5 days, 5 hours ago @LeSuisse accepted as draft 5 days, 5 hours ago @LeSuisse published on GitHub 5 days, 5 hours ago getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resovler Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver. Affected products glibc =<2.42 Matching in nixpkgs pkgs.glibc GNU C Library nixos-unstable 2.40-66 nixpkgs-unstable 2.40-66 nixos-unstable-small 2.40-66 nixos-25.05 2.40-66 nixos-25.05-small 2.40-66 nixpkgs-25.05-darwin 2.40-66 Package maintainers: 2 @ConnorBaker Connor Baker <ConnorBaker01@gmail.com> @Ma27 Maximilian Bosch <maximilian@mbosch.me>
pkgs.glibc GNU C Library nixos-unstable 2.40-66 nixpkgs-unstable 2.40-66 nixos-unstable-small 2.40-66 nixos-25.05 2.40-66 nixos-25.05-small 2.40-66 nixpkgs-25.05-darwin 2.40-66