about summary refs log tree commit diff
path: root/NEWS
diff options
context:
space:
mode:
authorSiddhesh Poyarekar <siddhesh@redhat.com>2013-09-23 11:20:02 +0530
committerSiddhesh Poyarekar <siddhesh@redhat.com>2013-09-23 11:29:53 +0530
commit141f3a77fe4f1b59b0afa9bf6909cd2000448883 (patch)
treeb82fc2e16b302d4fdb5c9983f8339eef93e99cd9 /NEWS
parent0b1f8e35640f5b3f7af11764ade3ff060211c309 (diff)
downloadglibc-141f3a77fe4f1b59b0afa9bf6909cd2000448883.tar.gz
glibc-141f3a77fe4f1b59b0afa9bf6909cd2000448883.tar.xz
glibc-141f3a77fe4f1b59b0afa9bf6909cd2000448883.zip
Fall back to non-cached sequence traversal and comparison on malloc fail
strcoll currently falls back to alloca if malloc fails, resulting in a
possible stack overflow.  This patch implements sequence traversal and
comparison without caching indices and rules.

Fixes CVE-2012-4424.
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS14
1 files changed, 10 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index 62c58b2599..0dbcdbff95 100644
--- a/NEWS
+++ b/NEWS
@@ -9,10 +9,16 @@ Version 2.19
 
 * The following bugs are resolved with this release:
 
-  13985, 14155, 14699, 15427, 15522, 15531, 15532, 15640, 15736, 15748,
-  15749, 15754, 15797, 15844, 15849, 15855, 15856, 15857, 15859, 15867,
-  15886, 15887, 15890, 15892, 15893, 15895, 15897, 15905, 15909, 15919,
-  15921, 15923, 15939, 15963, 15966.
+  13985, 14155, 14547, 14699, 15427, 15522, 15531, 15532, 15640, 15736,
+  15748, 15749, 15754, 15797, 15844, 15849, 15855, 15856, 15857, 15859,
+  15867, 15886, 15887, 15890, 15892, 15893, 15895, 15897, 15905, 15909,
+  15919, 15921, 15923, 15939, 15963, 15966.
+
+* CVE-2012-4424 The strcoll implementation uses malloc to cache indices and
+  rules for large collation sequences to optimize multiple passes and falls
+  back to alloca if malloc fails, resulting in a possible stack overflow.
+  The implementation now falls back to an uncached collation sequence lookup
+  if malloc fails.
 
 * CVE-2013-4788 The pointer guard used for pointer mangling was not
   initialized for static applications resulting in the security feature