diff options
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index e81991066e..79d303e7b6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,15 @@ +2018-08-28 Florian Weimer <fweimer@redhat.com> + + [BZ #23520] + nscd: Fix use-after-free in addgetnetgrentX and its callers. + * nscd/netgroupcache.c + (addgetnetgrentX): Add tofreep parameter. Do not free + heap-allocated buffer. + (addinnetgrX): Free buffer allocated bt addgetnetgrentX. + (addgetnetgrentX_ignore): New function. + (addgetnetgrent): Call it. + (readdgetnetgrent): Likewise. + 2018-08-16 DJ Delorie <dj@delorie.com> * malloc/malloc.c (_int_free): Check for corrupt prev_size vs size. |