Add CVE-2013-4332 to NEWS.

author: Will Newton <will.newton@linaro.org> 2013-09-13 09:26:02 +0100
committer: Adhemerval Zanella <azanella@linux.vnet.ibm.com> 2015-01-15 15:01:36 -0500
commit: 97ef0b2223e10fe3053494defd8a008d7dd9d6d8 (patch)
tree: 1153f961e3af8ba8ca978fe6ddd64b9b2727e8f8
parent: ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733 (diff)
download: glibc-97ef0b2223e10fe3053494defd8a008d7dd9d6d8.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index b2543182d7..86f3232737 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,11 @@ Version 2.16.1
   6530, 14195, 14547, 14459, 14476, 14562, 14621, 14648, 14699, 14756, 14831,
   15078, 15754, 15755, 16072.
 
+* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and
+  aligned_alloc functions could allocate too few bytes or corrupt the
+  heap when passed very large allocation size values (Bugzilla #15855,
+  #15856, #15857).
+
 * CVE-2013-4237 The readdir_r function could write more than NAME_MAX bytes
   to the d_name member of struct dirent, or omit the terminating NUL
   character.  (Bugzilla #14699).
author	Will Newton <will.newton@linaro.org>	2013-09-13 09:26:02 +0100
committer	Adhemerval Zanella <azanella@linux.vnet.ibm.com>	2015-01-15 15:01:36 -0500
commit	97ef0b2223e10fe3053494defd8a008d7dd9d6d8 (patch)
tree	1153f961e3af8ba8ca978fe6ddd64b9b2727e8f8
parent	ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733 (diff)
download	glibc-97ef0b2223e10fe3053494defd8a008d7dd9d6d8.tar.gz