Update NEWS and ChangeLog for CVE-2017-15671
This commit is contained in:
parent
e80fc1fc98
commit
914c9994d2
|
@ -3965,6 +3965,7 @@
|
|||
All uses removed.
|
||||
|
||||
[BZ #1062]
|
||||
CVE-2017-15671
|
||||
* posix/Makefile (routines): Add globfree, globfree64, and
|
||||
glob_pattern_p.
|
||||
* posix/flexmember.h: New file.
|
||||
|
|
5
NEWS
5
NEWS
|
@ -77,6 +77,11 @@ Security related changes:
|
|||
on the stack or the heap, depending on the length of the user name).
|
||||
Reported by Tim Rühsen.
|
||||
|
||||
CVE-2017-15671: The glob function, when invoked with GLOB_TILDE,
|
||||
would sometimes fail to free memory allocated during ~ operator
|
||||
processing, leading to a memory leak and, potentially, to a denial
|
||||
of service.
|
||||
|
||||
The following bugs are resolved with this release:
|
||||
|
||||
[The release manager will add the list generated by
|
||||
|
|
Loading…
Reference in a new issue