Add references to CVE-2017-17426

author: Florian Weimer <fweimer@redhat.com> 2017-12-06 07:39:25 +0100
committer: Florian Weimer <fweimer@redhat.com> 2017-12-06 07:40:42 +0100
commit: 37ac8e635a29810318f6d79902102e2e96b2b5bf (patch)
tree: e9dc4ee94b88e8d0c64961a91c8e4a4def8bb774 /NEWS
parent: 87235d7006afcb681ff7422bae346da7dcd995d7 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index dc5fe32cf8..faa60abe30 100644
--- a/NEWS
+++ b/NEWS
@@ -112,6 +112,11 @@ Security related changes:
   without GLOB_NOESCAPE, could write past the end of a buffer while
   unescaping user names.  Reported by Tim Rühsen.
 
+  CVE-2017-17426: The malloc function, when called with an object size near
+  the value SIZE_MAX, would return a pointer to a buffer which is too small,
+  instead of NULL.  This was a regression introduced with the new malloc
+  thread cache in glibc 2.26.  Reported by Iain Buclaw.
+
 The following bugs are resolved with this release:
 
   [The release manager will add the list generated by
author	Florian Weimer <fweimer@redhat.com>	2017-12-06 07:39:25 +0100
committer	Florian Weimer <fweimer@redhat.com>	2017-12-06 07:40:42 +0100
commit	37ac8e635a29810318f6d79902102e2e96b2b5bf (patch)
tree	e9dc4ee94b88e8d0c64961a91c8e4a4def8bb774 /NEWS
parent	87235d7006afcb681ff7422bae346da7dcd995d7 (diff)