aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAurelien Jarno <aurelien@aurel32.net>2017-12-01 21:53:51 +0100
committerAurelien Jarno <aurelien@aurel32.net>2017-12-02 22:59:06 +0100
commitd81254d2efcb839fd11df2960df5bba579193808 (patch)
treedec0b56e55e68251ad0e26102ed248a805f588e4
parentbddc5728810859952a2acaec6302308361e828cc (diff)
downloadglibc-d81254d2efcb839fd11df2960df5bba579193808.tar
glibc-d81254d2efcb839fd11df2960df5bba579193808.tar.gz
glibc-d81254d2efcb839fd11df2960df5bba579193808.tar.bz2
glibc-d81254d2efcb839fd11df2960df5bba579193808.zip
Update NEWS to add CVE-2017-15804 entry
(cherry picked from commit 15e84c63c05e0652047ba5e738c54d79d62ba74b)
Diffstat
-rw-r--r--NEWS4
1 files changed, 2 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 0531dfa9c6..bc32643255 100644
--- a/NEWS
+++ b/NEWS
@@ -30,8 +30,8 @@ Security related changes:
processing, leading to a memory leak and, potentially, to a denial
of service.
-* The glob function, when invoked with GLOB_TILDE and without
- GLOB_NOESCAPE, could write past the end of a buffer while
+* CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and
+ without GLOB_NOESCAPE, could write past the end of a buffer while
unescaping user names. Reported by Tim Rühsen.
The following bugs are resolved with this release:
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 00:20:01 +0000