elf: Count components of the expanded path in _dl_init_path [BZ #22607]

author: Florian Weimer <fweimer@redhat.com> 2017-12-14 15:05:57 +0100
committer: Florian Weimer <fweimer@redhat.com> 2017-12-14 15:31:46 +0100
commit: 3ff3dfa5af313a6ea33f3393916f30eece4f0171 (patch)
tree: 41be59a9eb6037aba0ee37116d2b35c0a324392f /NEWS
parent: 8a0b17e48b83e933960dfeb8fa08b259f03f310e (diff)
download: glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.tar
glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.tar.gz
glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.tar.bz2
glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index eef51b65a6..c5607c855f 100644
--- a/NEWS
+++ b/NEWS
@@ -130,6 +130,12 @@ Security related changes:
   it is mentioned here only because of the CVE assignment.)  Reported by
   Qualys.
 
+  CVE-2017-1000409: Buffer overflow in _dl_init_paths due to miscomputation
+  of the number of search path components.  (This is not a security
+  vulnerability per se because no trust boundary is crossed if the fix for
+  CVE-2017-1000366 has been applied, but it is mentioned here only because
+  of the CVE assignment.)  Reported by Qualys.
+
 The following bugs are resolved with this release:
 
   [The release manager will add the list generated by
author	Florian Weimer <fweimer@redhat.com>	2017-12-14 15:05:57 +0100
committer	Florian Weimer <fweimer@redhat.com>	2017-12-14 15:31:46 +0100
commit	3ff3dfa5af313a6ea33f3393916f30eece4f0171 (patch)
tree	41be59a9eb6037aba0ee37116d2b35c0a324392f /NEWS
parent	8a0b17e48b83e933960dfeb8fa08b259f03f310e (diff)
download	glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.tar glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.tar.gz glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.tar.bz2 glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.zip