diff options
| author | Paul Eggert <eggert@cs.ucla.edu> | 2017-10-20 18:41:14 +0200 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2017-10-20 18:46:48 +0200 |
| commit | c369d66e5426a30e4725b100d5cd28e372754f90 (patch) | |
| tree | 252d4ee0e4196f335fc864d10a38f5c6cb6c36f3 /NEWS | |
| parent | 6d43de4b85b11d26a19bebe4f55f31be16e3d419 (diff) | |
| download | glibc-c369d66e5426a30e4725b100d5cd28e372754f90.tar.gz glibc-c369d66e5426a30e4725b100d5cd28e372754f90.tar.xz glibc-c369d66e5426a30e4725b100d5cd28e372754f90.zip | |
CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320]
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS index ad680db874..e0e505690b 100644 --- a/NEWS +++ b/NEWS @@ -72,6 +72,10 @@ Security related changes: vulnerability; only trusted binaries must be examined using the ldd script.) + CVE-2017-15670: The glob function, when invoked with GLOB_TILDE, suffered + from a one-byte overflow during ~ operator processing (either on the stack + or the heap, depending on the length of the user name). + The following bugs are resolved with this release: [The release manager will add the list generated by |