diff options
| author | Siddhesh Poyarekar <siddhesh@sourceware.org> | 2017-08-02 08:07:16 +0530 |
|---|---|---|
| committer | Siddhesh Poyarekar <siddhesh@sourceware.org> | 2017-08-02 08:07:16 +0530 |
| commit | e1113af30df05da38449d5a5ca3ca4decca451f9 (patch) | |
| tree | 56d0cb9e006cc146da16b1736462e1eafb73f675 | |
| parent | 930324b356778b985d26f30fd0386163852a35fe (diff) | |
| download | glibc-e1113af30df05da38449d5a5ca3ca4decca451f9.tar.gz glibc-e1113af30df05da38449d5a5ca3ca4decca451f9.tar.xz glibc-e1113af30df05da38449d5a5ca3ca4decca451f9.zip | |
Update NEWS
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | NEWS | 12 |
2 files changed, 15 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog index 5a90364f90..a8539a3705 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2017-08-01 Siddhesh Poyarekar <siddhesh@sourceware.org> + + * NEWS: Update security-related changes. + 2017-07-30 Siddhesh Poyarekar <siddhesh@sourceware.org> * po/be.po: Update translations. diff --git a/NEWS b/NEWS index ab0fb545f8..bd48d18158 100644 --- a/NEWS +++ b/NEWS @@ -194,7 +194,17 @@ Changes to build and runtime requirements: Security related changes: * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, - to avoid fragmentation-based spoofing attacks. + to avoid fragmentation-based spoofing attacks (CVE-2017-12132). + +* LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE + mode to guard against local privilege escalation attacks (CVE-2017-1000366). + +* Avoid printing a backtrace from the __stack_chk_fail function since it is + called on a corrupt stack and a backtrace is unreliable on a corrupt stack + (CVE-2010-3192). + +* A use-after-free vulnerability in clntudp_call in the Sun RPC system has been + fixed (CVE-2017-12133). The following bugs are resolved with this release: |