configure.ac | 3 2 1 - 0 !
src/lib/hesiod.c | 15 13 2 - 0 !
2 files changed, 15 insertions( ), 3 deletions(-)

 cve-2016-10151: use secure_getenv() when it's available.

Factor out logic that attempts to only consult the environment when it's
safe to do so into its own function, and use secure_getenv() instead of
getenv() if it's available.

https://github.com/achernya/hesiod/commit/39b21dac9bc6473365de04d94be0da94941c7c73

Closes: #852094

src/lib/Makefile.am | 2 1 1 - 0 !
src/lib/hesiod.c | 21 1 20 - 0 !
2 files changed, 2 insertions( ), 21 deletions(-)

 cve-2016-10152: remove hard-coded defaults for lhs and rhs.

Don't fall back to using a default LHS or RHS when the configuration
file can't be read.  Instead, return an error.

https://github.com/achernya/hesiod/commit/247e2ce1f2aff40040657acaae7f1a1d673d6618

Closes: #852093