Update NEWS and ChangeLog for CVE-2017-15671

(cherry picked from commit 914c9994d27b80bc3b71c483e801a4f04e269ba6)
author: Florian Weimer <fweimer@redhat.com> 2017-10-22 09:29:52 +0200
committer: Aurelien Jarno <aurelien@aurel32.net> 2017-12-02 22:56:28 +0100
commit: 1e53b88296dc95d325d6073910a33dca851b6bc4 (patch)
tree: 8ccfbbd1da4e7174e8bce90d43254a2fcdbffd72
parent: 5ff2eb52b236ca3d77f92272e8711b3c2b98140b (diff)
download: glibc-1e53b88296dc95d325d6073910a33dca851b6bc4.tar.gz
glibc-1e53b88296dc95d325d6073910a33dca851b6bc4.tar.xz
glibc-1e53b88296dc95d325d6073910a33dca851b6bc4.zip
2 files changed, 6 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 756a3cc0f0..01a1e99d83 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,7 @@
 2017-09-08  Adhemerval Zanella  <adhemerval.zanella@linaro.org>
 
 	[BZ #1062]
+	CVE-2017-15671
 	* posix/Makefile (routines): Add globfree, globfree64, and
 	glob_pattern_p.
 	* posix/flexmember.h: New file.
diff --git a/NEWS b/NEWS
index 8c10e88ec5..a70d21eb40 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,11 @@ Security related changes:
   from a one-byte overflow during ~ operator processing (either on the stack
   or the heap, depending on the length of the user name).
 
+* CVE-2017-15671: The glob function, when invoked with GLOB_TILDE,
+  would sometimes fail to free memory allocated during ~ operator
+  processing, leading to a memory leak and, potentially, to a denial
+  of service.
+
 The following bugs are resolved with this release:
 
   [20790] Fix rpcgen buffer overrun
author	Florian Weimer <fweimer@redhat.com>	2017-10-22 09:29:52 +0200
committer	Aurelien Jarno <aurelien@aurel32.net>	2017-12-02 22:56:28 +0100
commit	1e53b88296dc95d325d6073910a33dca851b6bc4 (patch)
tree	8ccfbbd1da4e7174e8bce90d43254a2fcdbffd72
parent	5ff2eb52b236ca3d77f92272e8711b3c2b98140b (diff)
download	glibc-1e53b88296dc95d325d6073910a33dca851b6bc4.tar.gz glibc-1e53b88296dc95d325d6073910a33dca851b6bc4.tar.xz glibc-1e53b88296dc95d325d6073910a33dca851b6bc4.zip