about summary refs log tree commit diff
path: root/NEWS
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2016-12-31 20:22:09 +0100
committerFlorian Weimer <fweimer@redhat.com>2016-12-31 20:27:44 +0100
commitfc82b0a2dfe7dbd35671c10510a8da1043d746a5 (patch)
tree86b8ef6421ca34fa1907121e078e008c580029ea /NEWS
parent3c589b1a8a4401e258ba23a03fcbcc79b82393ab (diff)
downloadglibc-fc82b0a2dfe7dbd35671c10510a8da1043d746a5.tar.gz
glibc-fc82b0a2dfe7dbd35671c10510a8da1043d746a5.tar.xz
glibc-fc82b0a2dfe7dbd35671c10510a8da1043d746a5.zip
CVE-2015-5180: resolv: Fix crash with internal QTYPE [BZ #18784]
Also rename T_UNSPEC because an upcoming public header file
update will use that name.
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS8
1 files changed, 7 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 7ebce44ca1..08b566d635 100644
--- a/NEWS
+++ b/NEWS
@@ -191,12 +191,18 @@ Version 2.25
 
 Security related changes:
 
-  On ARM EABI (32-bit), generating a backtrace for execution contexts which
+* On ARM EABI (32-bit), generating a backtrace for execution contexts which
   have been created with makecontext could fail to terminate due to a
   missing .cantunwind annotation.  This has been observed to lead to a hang
   (denial of service) in some Go applications compiled with gccgo.  Reported
   by Andreas Schwab.  (CVE-2016-6323)
 
+* The DNS stub resolver functions would crash due to a NULL pointer
+  dereference when processing a query with a valid DNS question type which
+  was used internally in the implementation.  The stub resolver now uses a
+  question type which is outside the range of valid question type values.
+  (CVE-2015-5180)
+
 The following bugs are resolved with this release:
 
   [The release manager will add the list generated by
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-21 22:09:54 +0000