Add CVE-2013-4332 to NEWS.

author: Will Newton <will.newton@linaro.org> 2013-09-13 09:26:02 +0100
committer: Will Newton <will.newton@linaro.org> 2013-09-13 09:26:02 +0100
commit: ba0d798c17cafecd97b2cadf8b5e19800b967f82 (patch)
tree: 7e65286e3dad8b97a97faf9ffcdb4b7b7a7f4c89 /NEWS
parent: ae7080d30c68cfa0c81ce3422dca948f64a94f50 (diff)
download: glibc-ba0d798c17cafecd97b2cadf8b5e19800b967f82.tar.gz
glibc-ba0d798c17cafecd97b2cadf8b5e19800b967f82.tar.xz
glibc-ba0d798c17cafecd97b2cadf8b5e19800b967f82.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index b1d4d3db63..af58b752ea 100644
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,11 @@ Version 2.19
   to the d_name member of struct dirent, or omit the terminating NUL
   character.  (Bugzilla #14699).
 
+* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and
+  aligned_alloc functions could allocate too few bytes or corrupt the
+  heap when passed very large allocation size values (Bugzilla #15855,
+  #15856, #15857).
+
 * New locales: quz_PE.
 
 * Add country_car field to LC_ADDRESS, many locales.
author	Will Newton <will.newton@linaro.org>	2013-09-13 09:26:02 +0100
committer	Will Newton <will.newton@linaro.org>	2013-09-13 09:26:02 +0100
commit	ba0d798c17cafecd97b2cadf8b5e19800b967f82 (patch)
tree	7e65286e3dad8b97a97faf9ffcdb4b7b7a7f4c89 /NEWS
parent	ae7080d30c68cfa0c81ce3422dca948f64a94f50 (diff)
download	glibc-ba0d798c17cafecd97b2cadf8b5e19800b967f82.tar.gz glibc-ba0d798c17cafecd97b2cadf8b5e19800b967f82.tar.xz glibc-ba0d798c17cafecd97b2cadf8b5e19800b967f82.zip