author | Siddhesh Poyarekar <siddhesh@sourceware.org> | 2017-08-02 08:07:16 +0530 |
---|---|---|
committer | Siddhesh Poyarekar <siddhesh@sourceware.org> | 2017-08-02 08:07:16 +0530 |
commit | e1113af30df05da38449d5a5ca3ca4decca451f9 (patch) | |
tree | 56d0cb9e006cc146da16b1736462e1eafb73f675 /NEWS | |
parent | 930324b356778b985d26f30fd0386163852a35fe (diff) | |
Update NEWS
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 12 |
1 files changed, 11 insertions, 1 deletions
@@ -194,7 +194,17 @@ Changes to build and runtime requirements: Security related changes: * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, - to avoid fragmentation-based spoofing attacks. + to avoid fragmentation-based spoofing attacks (CVE-2017-12132). + +* LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE + mode to guard against local privilege escalation attacks (CVE-2017-1000366). + +* Avoid printing a backtrace from the __stack_chk_fail function since it is + called on a corrupt stack and a backtrace is unreliable on a corrupt stack + (CVE-2010-3192). + +* A use-after-free vulnerability in clntudp_call in the Sun RPC system has been + fixed (CVE-2017-12133). The following bugs are resolved with this release: |
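Review bot: The CVE-2010-3192 entry is worded as an instruction ("Avoid printing a backtrace from the __stack_chk_fail function ...") while the neighbouring entries describe the change declaratively ("limits", "is now ignored", "has been fixed"), and it repeats "a corrupt stack" twice in one sentence. Suggest something like "The __stack_chk_fail function no longer prints a backtrace, since it is called on a corrupt stack, where a backtrace is unreliable (CVE-2010-3192)." The entry also gives only a reliability reason, whereas the other three name the risk (spoofing, local privilege escalation, use-after-free), so a short clause on why this belongs under "Security related changes" would help readers triaging the release. The commit message "Update NEWS" could also say that the change adds CVE references to the security section.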