diff options
| author | Florian Weimer <fweimer@redhat.com> | 2018-02-06 09:19:03 +0100 |
|---|---|---|
| committer | Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com> | 2018-04-06 16:29:37 -0300 |
| commit | 017d97cd2ec0f626f8afb8c73ea3d612d8e844c3 (patch) | |
| tree | 539bfba03116f8387437b77cd9abd34ca9ebb573 | |
| parent | 436359fd41343c1db0616bd90e8a05bf188f237c (diff) | |
| download | glibc-017d97cd2ec0f626f8afb8c73ea3d612d8e844c3.tar.gz glibc-017d97cd2ec0f626f8afb8c73ea3d612d8e844c3.tar.xz glibc-017d97cd2ec0f626f8afb8c73ea3d612d8e844c3.zip | |
Record CVE-2018-6551 in NEWS and ChangeLog [BZ #22774]
(cherry picked from commit 71aa429b029fdb6f9e65d44050388b51eca460d6)
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | NEWS | 4 |
2 files changed, 6 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index e92c110602..0b838029c0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,9 @@ 2018-01-18 Arjun Shankar <arjun@redhat.com> [BZ #22343] + [BZ #22774] CVE-2018-6485 + CVE-2018-6551 * malloc/malloc.c (checked_request2size): call REQUEST_OUT_OF_RANGE after padding. (_int_memalign): check for integer overflow before calling diff --git a/NEWS b/NEWS index ac8901e05d..db81e9e6b1 100644 --- a/NEWS +++ b/NEWS @@ -91,6 +91,10 @@ Version 2.22.1 * CVE-2018-6485: The posix_memalign and memalign functions, when called with an object size near the value of SIZE_MAX, would return a pointer to a buffer which is too small, instead of NULL. Reported by Jakub Wilk. + +* CVE-2018-6551: The malloc function, when called with an object size near + the value of SIZE_MAX, would return a pointer to a buffer which is too + small, instead of NULL. Version 2.22 |