Update NEWS to add CVE-2017-15804 entry

author: Aurelien Jarno <aurelien@aurel32.net> 2017-12-01 21:53:51 +0100
committer: Aurelien Jarno <aurelien@aurel32.net> 2017-12-01 21:53:51 +0100
commit: 15e84c63c05e0652047ba5e738c54d79d62ba74b (patch)
tree: c30732ace891ea2e6804e11ab3e186f571c14e7c
parent: 428fc49eaafe0fe5352445fcf23d9f603e9083a2 (diff)
download: glibc-15e84c63c05e0652047ba5e738c54d79d62ba74b.tar.gz
glibc-15e84c63c05e0652047ba5e738c54d79d62ba74b.tar.xz
glibc-15e84c63c05e0652047ba5e738c54d79d62ba74b.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 48af4acaea..10f695aab1 100644
--- a/NEWS
+++ b/NEWS
@@ -100,8 +100,8 @@ Security related changes:
   processing, leading to a memory leak and, potentially, to a denial
   of service.
 
-  The glob function, when invoked with GLOB_TILDE and without
-  GLOB_NOESCAPE, could write past the end of a buffer while
+  CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and
+  without GLOB_NOESCAPE, could write past the end of a buffer while
   unescaping user names.  Reported by Tim Rühsen.
 
 The following bugs are resolved with this release:
author	Aurelien Jarno <aurelien@aurel32.net>	2017-12-01 21:53:51 +0100
committer	Aurelien Jarno <aurelien@aurel32.net>	2017-12-01 21:53:51 +0100
commit	15e84c63c05e0652047ba5e738c54d79d62ba74b (patch)
tree	c30732ace891ea2e6804e11ab3e186f571c14e7c
parent	428fc49eaafe0fe5352445fcf23d9f603e9083a2 (diff)
download	glibc-15e84c63c05e0652047ba5e738c54d79d62ba74b.tar.gz glibc-15e84c63c05e0652047ba5e738c54d79d62ba74b.tar.xz glibc-15e84c63c05e0652047ba5e738c54d79d62ba74b.zip