about summary refs log tree commit diff
path: root/NEWS
diff options
context:
space:
mode:
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS7
1 files changed, 6 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 0d1952c9f4..d7da53f9ba 100644
--- a/NEWS
+++ b/NEWS
@@ -12,7 +12,7 @@ Version 2.19.1
   15946, 16545, 16574, 16623, 16657, 16695, 16743, 16758, 16759, 16760,
   16878, 16882, 16885, 16916, 16932, 16943, 16958, 17048, 17062, 17069,
   17079, 17137, 17153, 17213, 17263, 17269, 17325, 17555, 17905, 18007,
-  18032, 18240, 18287, 18905.
+  18032, 18240, 18287, 18905, 19879.
 
 * A buffer overflow in gethostbyname_r and related functions performing DNS
   requests has been fixed.  If the NSS functions were called with a
@@ -63,6 +63,11 @@ Version 2.19.1
   the get*ent functions if any of the query functions for the same database
   are used during the iteration, causing a denial-of-service condition in
   some applications.
+
+* The getnetbyname implementation in nss_dns had a potentially unbounded
+  alloca call (in the form of a call to strdupa), leading to a stack
+  overflow (stack exhaustion) and a crash if getnetbyname is invoked
+  on a very long name.  (CVE-2016-3075)
 
 Version 2.19
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-12-11 20:08:16 +0000