diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/NEWS b/NEWS index c0596ae5f2..2c4c9d63aa 100644 --- a/NEWS +++ b/NEWS @@ -30,6 +30,12 @@ Security related changes: it is mentioned here only because of the CVE assignment.) Reported by Qualys. + CVE-2017-1000409: Buffer overflow in _dl_init_paths due to miscomputation + of the number of search path components. (This is not a security + vulnerability per se because no trust boundary is crossed if the fix for + CVE-2017-1000366 has been applied, but it is mentioned here only because + of the CVE assignment.) Reported by Qualys. + The following bugs are resolved with this release: [20257] sunrpc: clntudp_call does not enforce timeout when receiving data |