about summary refs log tree commit diff
diff options
context:
space:
mode:
authorAurelien Jarno <aurelien@aurel32.net>2017-12-01 21:53:51 +0100
committerAurelien Jarno <aurelien@aurel32.net>2017-12-01 22:20:26 +0100
commit4444f6a92b83f7e044705b43b11dcdb0dbe97fe1 (patch)
tree42a19e1cc1b83333d4bfe7f3788ab3286467aee4
parentb2b39e667143a921eeec01517c9c99ea25eaafae (diff)
downloadglibc-4444f6a92b83f7e044705b43b11dcdb0dbe97fe1.tar.gz
glibc-4444f6a92b83f7e044705b43b11dcdb0dbe97fe1.tar.xz
glibc-4444f6a92b83f7e044705b43b11dcdb0dbe97fe1.zip
Update NEWS to add CVE-2017-15804 entry
(cherry picked from commit 15e84c63c05e0652047ba5e738c54d79d62ba74b)
Diffstat
-rw-r--r--NEWS4
1 files changed, 2 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 40ecd30fc5..0a8f20e371 100644
--- a/NEWS
+++ b/NEWS
@@ -17,8 +17,8 @@ Security related changes:
   processing, leading to a memory leak and, potentially, to a denial
   of service.
 
-  The glob function, when invoked with GLOB_TILDE and without
-  GLOB_NOESCAPE, could write past the end of a buffer while
+  CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and
+  without GLOB_NOESCAPE, could write past the end of a buffer while
   unescaping user names.  Reported by Tim Rühsen.
 
 The following bugs are resolved with this release:
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-12-03 16:53:09 +0000