about summary refs log tree commit diff
path: root/NEWS
diff options
context:
space:
mode:
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS16
1 files changed, 15 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 52d14e38be..6181729b61 100644
--- a/NEWS
+++ b/NEWS
@@ -10,7 +10,21 @@ Version 2.20.1
 * The following bugs are resolved with this release:
 
   16009, 16617, 16618, 17266, 17269, 17370, 17371, 17460, 17485, 17555,
-  17625, 17630, 17801, 18007, 18032, 18287, 18665, 18694, 18928, 19018.
+  17625, 17630, 17801, 17905, 18007, 18032, 18080, 18240, 18287, 18508,
+  18665, 18694, 18928, 19018, 19682.
+
+* The glob function suffered from a stack-based buffer overflow when it was
+  called with the GLOB_ALTDIRFUNC flag and encountered a long file name.
+  Reported by Alexander Cherepanov.  (CVE-2016-1234)
+
+* An unnecessary stack copy in _nss_dns_getnetbyname_r was removed.  It
+  could result in a stack overflow when getnetbyname was called with an
+  overly long name.  (CVE-2016-3075)
+
+* Previously, getaddrinfo copied large amounts of address data to the stack,
+  even after the fix for CVE-2013-4458 has been applied, potentially
+  resulting in a stack overflow.  getaddrinfo now uses a heap allocation
+  instead.  Reported by Michael Petlan.  (CVE-2016-3706)
 
 * A stack-based buffer overflow was found in libresolv when invoked from
   libnss_dns, allowing specially crafted DNS responses to seize control
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-23 08:22:25 +0000