diff options
author | Florian Weimer <fweimer@redhat.com> | 2017-10-22 09:29:52 +0200 |
---|---|---|
committer | Aurelien Jarno <aurelien@aurel32.net> | 2017-12-01 21:50:09 +0100 |
commit | 6f9f307b5db6b2eeb7b92f2a75e5ab3e749c3d56 (patch) | |
tree | 401369d8b008d293bed784044fa7e499934e31f9 | |
parent | f312f235d535fac5c3ff2b0aa7cacb1958aa4529 (diff) | |
download | glibc-6f9f307b5db6b2eeb7b92f2a75e5ab3e749c3d56.tar.gz |
Update NEWS and ChangeLog for CVE-2017-15671
(cherry picked from commit 914c9994d27b80bc3b71c483e801a4f04e269ba6)
-rw-r--r-- | NEWS | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -30,6 +30,11 @@ Security related changes: on the stack or the heap, depending on the length of the user name). Reported by Tim Rühsen. + CVE-2017-15671: The glob function, when invoked with GLOB_TILDE, + would sometimes fail to free memory allocated during ~ operator + processing, leading to a memory leak and, potentially, to a denial + of service. + The following bugs are resolved with this release: [16750] ldd: Never run file directly. |