diff options
| author | Will Newton <will.newton@linaro.org> | 2013-09-13 09:26:02 +0100 |
|---|---|---|
| committer | Adhemerval Zanella <azanella@linux.vnet.ibm.com> | 2015-01-16 06:15:56 -0500 |
| commit | 301e0d6f9a2218f2d1943860c2d14046b917e846 (patch) | |
| tree | 7ff9c593c0e330151c37a20ff95b17a72a9622e1 | |
| parent | 9c77803abebe02a99a5329e28627e1ad6d074cfe (diff) | |
| download | glibc-301e0d6f9a2218f2d1943860c2d14046b917e846.tar.gz glibc-301e0d6f9a2218f2d1943860c2d14046b917e846.tar.xz glibc-301e0d6f9a2218f2d1943860c2d14046b917e846.zip | |
Add CVE-2013-4332 to NEWS.
| -rw-r--r-- | NEWS | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS index 96df7a960a..e2931f13c4 100644 --- a/NEWS +++ b/NEWS @@ -22,6 +22,11 @@ Version 2.18.1 * CVE-2013-4458 Stack overflow in getaddrinfo with large number of results for AF_INET6 has been fixed (Bugzilla #16072). +* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and + aligned_alloc functions could allocate too few bytes or corrupt the + heap when passed very large allocation size values (Bugzilla #15855, + #15856, #15857). + * CVE-2012-4424 The strcoll implementation uses malloc to cache indices and rules for large collation sequences to optimize multiple passes and falls back to alloca if malloc fails, resulting in a possible stack overflow. |