aboutsummaryrefslogtreecommitdiff
path: root/NEWS
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2020-07-31 12:07:06 +0200
committerFlorian Weimer <fweimer@redhat.com>2020-07-31 12:59:19 +0200
commit7f1a08cff82255cd4252a2c75fd65b80a6a170bf (patch)
treede8d9e81ac77041906834b1be622ab4c822ea1d9 /NEWS
parent89c255294a5b14dd88e45ed3b2a2a66517ed1a6f (diff)
downloadglibc-7f1a08cff82255cd4252a2c75fd65b80a6a170bf.zip
glibc-7f1a08cff82255cd4252a2c75fd65b80a6a170bf.tar.gz
glibc-7f1a08cff82255cd4252a2c75fd65b80a6a170bf.tar.bz2
Move NEWS entry for CVE-2020-1751 to the 2.31 section
It was fixed in commit d93769405996dfc11d216ddbe415946617b5a494 ("Fix array overflow in backtrace on PowerPC (bug 25423)"), which went into glibc 2.31. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS6
1 files changed, 3 insertions, 3 deletions
diff --git a/NEWS b/NEWS
index 7fb167e..85f91b3 100644
--- a/NEWS
+++ b/NEWS
@@ -171,9 +171,6 @@ Security related changes:
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.
- CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
- out-of-bounds write when executed in a signal frame context.
-
CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.
@@ -325,6 +322,9 @@ Changes to build and runtime requirements:
Security related changes:
+ CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
+ out-of-bounds write when executed in a signal frame context.
+
CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping