diff options
| author | Florian Weimer <fweimer@redhat.com> | 2017-12-14 15:18:38 +0100 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2017-12-14 15:27:08 +0100 |
| commit | 8a0b17e48b83e933960dfeb8fa08b259f03f310e (patch) | |
| tree | 34c8b4ae867dd10a5f340dcad1109efbfcd12bce /NEWS | |
| parent | f58bd7f055988d367d8118ccbc4cb8c4dbfd9db2 (diff) | |
elf: Compute correct array size in _dl_init_paths [BZ #22606]
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -125,6 +125,11 @@ Security related changes: instead of NULL. This was a regression introduced with the new malloc thread cache in glibc 2.26. Reported by Iain Buclaw. + CVE-2017-1000408: Incorrect array size computation in _dl_init_paths leads + to the allocation of too much memory. (This is not a security bug per se, + it is mentioned here only because of the CVE assignment.) Reported by + Qualys. + The following bugs are resolved with this release: [The release manager will add the list generated by |