The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value. (CVE-2015-8776)
Impact
An application or daemon that passes out-of-range time values to the strftime() function may crash and lead to a denial-of-service (DoS) on the application or daemon.