diff options
author | Florian Weimer <fweimer@redhat.com> | 2016-08-16 11:15:09 +0200 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2016-08-16 11:15:09 +0200 |
commit | 4d047efdbc55b0d68947cde682e5363d16a66294 (patch) | |
tree | c9a3c2da0e71dbbea7d6b0716d952de3c3cf42bb | |
parent | fc86a87d788596c6d418f0fa79c79fffc6cfd08f (diff) | |
download | glibc-4d047efdbc55b0d68947cde682e5363d16a66294.tar.gz glibc-4d047efdbc55b0d68947cde682e5363d16a66294.tar.xz glibc-4d047efdbc55b0d68947cde682e5363d16a66294.zip |
Add NEWS entry for CVE-2016-6323
-rw-r--r-- | ChangeLog | 1 | ||||
-rw-r--r-- | NEWS | 6 |
2 files changed, 6 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog index 505c558121..87fcf32f02 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,7 @@ 2016-08-15 Andreas Schwab <schwab@suse.de> [BZ #20435] + CVE-2016-6323 * sysdeps/unix/sysv/linux/arm/setcontext.S (__startcontext): Mark as .cantunwind. diff --git a/NEWS b/NEWS index fe9ff1c451..aaed9e02cf 100644 --- a/NEWS +++ b/NEWS @@ -34,7 +34,11 @@ Version 2.25 Security related changes: - [Add security related changes here] + On ARM EABI (32-bit), generating a backtrace for execution contexts which + have been created with makecontext could fail to terminate due to a + missing .cantunwind annotation. This has been observed to lead to a hang + (denial of service) in some Go applications compiled with gccgo. Reported + by Andreas Schwab. The following bugs are resolved with this release: |