diff options
author | Carlos O'Donell <carlos@redhat.com> | 2024-05-01 21:54:11 -0400 |
---|---|---|
committer | Carlos O'Donell <carlos@redhat.com> | 2024-05-06 15:12:31 -0400 |
commit | 143ef68b2aded7c794956beddad495af8c7d3251 (patch) | |
tree | a513c2691b1e6f31c4126ed65ddefba989a2bbc6 /NEWS | |
parent | d4d9a805a58c2593f7610198a198d24a41eef561 (diff) | |
download | glibc-143ef68b2aded7c794956beddad495af8c7d3251.tar.gz glibc-143ef68b2aded7c794956beddad495af8c7d3251.tar.xz glibc-143ef68b2aded7c794956beddad495af8c7d3251.zip |
NEWS: Add advisories.
GLIBC-SA-2024-0004: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961) GLIBC-SA-2024-0005: nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599) GLIBC-SA-2024-0006: nscd: Null pointer crashes after notfound response (CVE-2024-33600) GLIBC-SA-2024-0007: nscd: netgroup cache may terminate daemon on memory allocation failure (CVE-2024-33601) GLIBC-SA-2024-0008: nscd: netgroup cache assumes NSS callback uses in-buffer strings (CVE-2024-33602) Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/NEWS b/NEWS index cf6078cf20..2234021a95 100644 --- a/NEWS +++ b/NEWS @@ -177,6 +177,25 @@ found in the advisories directory of the release tarball: GLIBC-SA-2024-0003: syslog: Integer overflow in __vsyslog_internal (CVE-2023-6780) + GLIBC-SA-2024-0004: + ISO-2022-CN-EXT: fix out-of-bound writes when writing escape + sequence (CVE-2024-2961) + + GLIBC-SA-2024-0005: + nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599) + + GLIBC-SA-2024-0006: + nscd: Null pointer crashes after notfound response + (CVE-2024-33600) + + GLIBC-SA-2024-0007: + nscd: netgroup cache may terminate daemon on memory allocation + failure (CVE-2024-33601) + + GLIBC-SA-2024-0008: + nscd: netgroup cache assumes NSS callback uses in-buffer strings + (CVE-2024-33602) + The following bugs are resolved with this release: [14522] localedata: fy_DE: LC_IDENTIFICATION data looks weird |