aboutsummaryrefslogtreecommitdiff
path: root/NEWS
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2017-08-16 16:47:20 +0200
committerFlorian Weimer <fweimer@redhat.com>2017-08-16 16:47:20 +0200
commit403143e1df85dadd374f304bd891be0cd7573e3b (patch)
tree0c173535f63b0bd33129480f1d152d238e4fd0af /NEWS
parenteedca9772e99c72ab4c3c34e43cc764250aa3e3c (diff)
downloadglibc-403143e1df85dadd374f304bd891be0cd7573e3b.tar
glibc-403143e1df85dadd374f304bd891be0cd7573e3b.tar.gz
glibc-403143e1df85dadd374f304bd891be0cd7573e3b.tar.bz2
glibc-403143e1df85dadd374f304bd891be0cd7573e3b.zip
Add ChangeLog reference to bug 16750/CVE-2009-5064
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS6
1 files changed, 5 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 484c467569..0008df16c0 100644
--- a/NEWS
+++ b/NEWS
@@ -22,7 +22,11 @@ Changes to build and runtime requirements:
Security related changes:
- [Add security related changes here]
+ CVE-2009-5064: The ldd script would sometimes run the program under
+ examination directly, without preventing code execution through the
+ dynamic linker. (The glibc project disputes that this is a security
+ vulnerability; only trusted binaries must be examined using the ldd
+ script.)
The following bugs are resolved with this release: