Diffstat (limited to 'NEWS')
-rw-r--r-- NEWS 7
1 files changed, 7 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 49895f81bd..1bea44cc8d 100644
--- a/NEWS
+++ b/NEWS
@@ -86,6 +86,12 @@ Security related changes:
   denial of service due to resource exhaustion when processing getaddrinfo
   calls with crafted host names.  Reported by Guido Vranken.
 
+  CVE-2019-6488: On x32, the size_t parameter may be passed in the lower
+  32 bits of a 64-bit register with with non-zero upper 32 bit.  When it
+  happened, accessing the 32-bit size_t value as the full 64-bit register
+  in the assembly string/memory functions would cause a buffer overflow.
+  Reported by H.J. Lu.
+
 The following bugs are resolved with this release:
 
   [16750] ldd: Never run file directly.
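Review bot: the added CVE-2019-6488 paragraph has a doubled word ("with with non-zero") and a singular/plural slip ("upper 32 bit" should be "upper 32 bits"). "When it happened" would also read better in the present tense, e.g. "When this happens, accessing the 32-bit size_t value as the full 64-bit register ... causes a buffer overflow", which matches how the rest of the sentence describes an ongoing condition on x32 rather than a single past event.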
@@ -165,6 +171,7 @@ The following bugs are resolved with this release:
   [23927] Linux if_nametoindex() does not close descriptor (CVE-2018-19591)
   [24018] gettext may return NULL
   [24027] malloc: Integer overflow in realloc
+  [24097] Can't use 64-bit register for size_t in assembly codes for x32 (CVE-2019-6488)
 
 Version 2.26
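Review bot: the added [24097] line says "assembly codes", where "assembly code" is the usual wording, unless the line is meant to reproduce the bug tracker title verbatim. The security entry added earlier in this patch describes the affected code as the "assembly string/memory functions"; using the same phrase here would make it easier to tie the two entries together when scanning the bug list.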