about summary refs log tree commit diff
path: root/NEWS
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2014-05-12 15:24:12 +0200
committerFlorian Weimer <fweimer@redhat.com>2014-07-10 16:29:55 +0200
commit4e8f95a0df7c2300b830ec12c0ae1e161bc8a8a3 (patch)
tree9d423c33dd357da456df66249c30e086f25fb0dd /NEWS
parentd183645616b0533b3acee28f1a95570bffbdf50f (diff)
downloadglibc-4e8f95a0df7c2300b830ec12c0ae1e161bc8a8a3.tar.gz
glibc-4e8f95a0df7c2300b830ec12c0ae1e161bc8a8a3.tar.xz
glibc-4e8f95a0df7c2300b830ec12c0ae1e161bc8a8a3.zip
_nl_find_locale: Improve handling of crafted locale names [BZ #17137]
Prevent directory traversal in locale-related environment variables
(CVE-2014-0475).
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS12
1 files changed, 11 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 3ef9162fbb..a6617a145e 100644
--- a/NEWS
+++ b/NEWS
@@ -21,7 +21,8 @@ Version 2.20
   16882, 16885, 16888, 16890, 16912, 16915, 16916, 16917, 16918, 16922,
   16927, 16928, 16932, 16943, 16958, 16965, 16966, 16967, 16977, 16978,
   16984, 16990, 16996, 17009, 17022, 17031, 17042, 17048, 17050, 17058,
-  17061, 17062, 17069, 17075, 17079, 17084, 17086, 17092, 17097, 17125.
+  17061, 17062, 17069, 17075, 17079, 17084, 17086, 17092, 17097, 17125,
+  17137.
 
 * Optimized strchr implementation for AArch64.  Contributed by ARM Ltd.
 
@@ -70,6 +71,15 @@ Version 2.20
   On configurations that support it (all Linux configurations), it's now
   used regardless of the --enable-add-ons switch to configure.  It is no
   longer possible to build such configurations without pthreads support.
+
+* Locale names, including those obtained from environment variables (LANG
+  and the LC_* variables), are more tightly checked for proper syntax.
+  setlocale will now fail (with EINVAL) for locale names that are overly
+  long, contain slashes without starting with a slash, or contain ".." path
+  components. (CVE-2014-0475)  Previously, some valid locale names were
+  silently replaced with the "C" locale when running in AT_SECURE mode
+  (e.g., in a SUID program).  This is no longer necessary because of the
+  additional checks.
 
 Version 2.19