diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/NEWS b/NEWS index ff79f0d1b5..c9f6b58486 100644 --- a/NEWS +++ b/NEWS @@ -9,7 +9,14 @@ Version 2.21.1 * The following bugs are resolved with this release: - 17949. + 17949, 18287. + +* A buffer overflow in gethostbyname_r and related functions performing DNS + requests has been fixed. If the NSS functions were called with a + misaligned buffer, the buffer length change due to pointer alignment was + not taken into account. This could result in application crashes or, + potentially arbitrary code execution, using crafted, but syntactically + valid DNS responses. (CVE-2015-1781) Version 2.21 |