diff options
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -104,6 +104,10 @@ Security related changes: potentially resulting in degraded service or Denial of Service on the local system. Reported by Chris Schanzle. + CVE-2021-35942: The wordexp function may overflow the positional + parameter number when processing the expansion resulting in a crash. + Reported by Philippe Antoine. + The following bugs are resolved with this release: [6889] 'PWD' mentioned but not specified @@ -201,6 +205,7 @@ The following bugs are resolved with this release: [26383] bind_textdomain_codeset doesn't accept //TRANSLIT anymore [26923] Assertion failure in iconv when converting invalid UCS4 (CVE-2020-29562) [27462] nscd: double-free in nscd (CVE-2021-27645) + [28011] libc: Wild read in wordexp (parse_param) (CVE-2021-35942) Version 2.27 |