diff options
author | Dmitry V. Levin <ldv@altlinux.org> | 2022-10-04 08:00:00 +0000 |
---|---|---|
committer | Dmitry V. Levin <ldv@altlinux.org> | 2022-10-04 08:00:00 +0000 |
commit | 32022774db16ae5e41a940e559f11eb74bb011bf (patch) | |
tree | a28608177c7ff23a217c961e1a683d6b5405a22b | |
parent | 09c113cf00c4d42e5a46206d7c5fc4cc3470bccb (diff) | |
download | glibc-32022774db16ae5e41a940e559f11eb74bb011bf.tar.gz glibc-32022774db16ae5e41a940e559f11eb74bb011bf.tar.xz glibc-32022774db16ae5e41a940e559f11eb74bb011bf.zip |
NEWS: Move CVE-2021-33574 entry from 2.32 section to 2.32.1
The fix was backported by commit ff75390ef59823193351ae77584c397c503b7b58 ("Use __pthread_attr_copy in mq_notify (bug 27896)") after glibc 2.32 release.
-rw-r--r-- | NEWS | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/NEWS b/NEWS index 5f43794bf5..cf8c54f681 100644 --- a/NEWS +++ b/NEWS @@ -13,6 +13,10 @@ Security related changes: invoked with input containing redundant shift sequences in the IBM1364, IBM1371, IBM1388, IBM1390, or IBM1399 character sets. + CVE-2021-33574: The mq_notify function has a potential use-after-free + issue when using a notification type of SIGEV_THREAD and a thread + attribute with a non-default affinity mask. + The following bugs are resolved with this release: [20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT @@ -258,10 +262,6 @@ Security related changes: Dytrych of the Cisco Security Assessment and Penetration Team (See TALOS-2020-1019). - CVE-2021-33574: The mq_notify function has a potential use-after-free - issue when using a notification type of SIGEV_THREAD and a thread - attribute with a non-default affinity mask. - The following bugs are resolved with this release: [9809] localedata: ckb_IQ: new Kurdish Sorani locale |