diff options
author | Florian Weimer <fweimer@redhat.com> | 2015-02-06 16:30:15 +0100 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2015-02-06 16:30:15 +0100 |
commit | c66e8b9e58603e92171cd87f9ad3759304f25255 (patch) | |
tree | bdb87068966ce0f56a02ac2a64028de2ec378d08 | |
parent | 004c993bdd407d589ae3b88e2a012525122f01e2 (diff) | |
download | glibc-c66e8b9e58603e92171cd87f9ad3759304f25255.zip glibc-c66e8b9e58603e92171cd87f9ad3759304f25255.tar.gz glibc-c66e8b9e58603e92171cd87f9ad3759304f25255.tar.bz2 |
NEWS: Also mention CVE-2015-1473
-rw-r--r-- | NEWS | 9 |
1 files changed, 5 insertions, 4 deletions
@@ -21,10 +21,11 @@ Version 2.21 17801, 17803, 17806, 17834, 17844, 17848, 17868, 17869, 17870, 17885, 17892. -* CVE-2015-1472 Under certain conditions wscanf can allocate too little - memory for the to-be-scanned arguments and overflow the allocated - buffer. The implementation now correctly computes the required buffer - size when using malloc. +* CVE-2015-1472 CVE-2015-1473 Under certain conditions wscanf can allocate + too little memory for the to-be-scanned arguments and overflow the + allocated buffer. The implementation now correctly computes the required + buffer size when using malloc, and switches to malloc from alloca as + intended. * A new semaphore algorithm has been implemented in generic C code for all machines. Previous custom assembly implementations of semaphore were |