diff options
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | NEWS | 4 |
2 files changed, 6 insertions, 0 deletions
@@ -710,7 +710,9 @@ 2018-01-18 Arjun Shankar <arjun@redhat.com> [BZ #22343] + [BZ #22774] CVE-2018-6485 + CVE-2018-6551 * malloc/malloc.c (checked_request2size): call REQUEST_OUT_OF_RANGE after padding. (_int_memalign): check for integer overflow before calling @@ -262,6 +262,10 @@ Security related changes: an object size near the value of SIZE_MAX, would return a pointer to a buffer which is too small, instead of NULL. Reported by Jakub Wilk. + CVE-2018-6551: The malloc function, when called with an object size near + the value of SIZE_MAX, would return a pointer to a buffer which is too + small, instead of NULL. + The following bugs are resolved with this release: [866] glob: glob should match dangling symlinks |