diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/NEWS b/NEWS index 5aa982b677..5601a9a23d 100644 --- a/NEWS +++ b/NEWS @@ -9,9 +9,15 @@ Version 2.16.1 * The following bugs are resolved with this release: - 6530, 14195, 14459, 14476, 14562, 14621, 14648, 14756, 14831, 15078., + 6530, 14195, 14547, 14459, 14476, 14562, 14621, 14648, 14756, 14831, 15078, 15755, 16072. +* CVE-2012-4424 The strcoll implementation uses malloc to cache indices and + rules for large collation sequences to optimize multiple passes and falls + back to alloca if malloc fails, resulting in a possible stack overflow. + The implementation now falls back to an uncached collation sequence lookup + if malloc fails. + * CVE-2013-4458 Stack overflow in getaddrinfo with large number of results for AF_INET6 has been fixed (Bugzilla #16072). |