diff options
author | Florian Weimer <fweimer@redhat.com> | 2017-12-14 15:05:57 +0100 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2017-12-14 15:31:46 +0100 |
commit | 3ff3dfa5af313a6ea33f3393916f30eece4f0171 (patch) | |
tree | 41be59a9eb6037aba0ee37116d2b35c0a324392f /NEWS | |
parent | 8a0b17e48b83e933960dfeb8fa08b259f03f310e (diff) | |
download | glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.tar.gz glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.tar.xz glibc-3ff3dfa5af313a6ea33f3393916f30eece4f0171.zip |
elf: Count components of the expanded path in _dl_init_path [BZ #22607]
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/NEWS b/NEWS index eef51b65a6..c5607c855f 100644 --- a/NEWS +++ b/NEWS @@ -130,6 +130,12 @@ Security related changes: it is mentioned here only because of the CVE assignment.) Reported by Qualys. + CVE-2017-1000409: Buffer overflow in _dl_init_paths due to miscomputation + of the number of search path components. (This is not a security + vulnerability per se because no trust boundary is crossed if the fix for + CVE-2017-1000366 has been applied, but it is mentioned here only because + of the CVE assignment.) Reported by Qualys. + The following bugs are resolved with this release: [The release manager will add the list generated by |