about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS5
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 96df7a960a..e2931f13c4 100644
--- a/NEWS
+++ b/NEWS
@@ -22,6 +22,11 @@ Version 2.18.1
 * CVE-2013-4458 Stack overflow in getaddrinfo with large number of results
   for AF_INET6 has been fixed (Bugzilla #16072).
 
+* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and
+  aligned_alloc functions could allocate too few bytes or corrupt the
+  heap when passed very large allocation size values (Bugzilla #15855,
+  #15856, #15857).
+
 * CVE-2012-4424 The strcoll implementation uses malloc to cache indices and
   rules for large collation sequences to optimize multiple passes and falls
   back to alloca if malloc fails, resulting in a possible stack overflow.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-02 20:43:13 +0000