diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -190,6 +190,7 @@ The following bugs are resolved with this release: [24155] x32 memcmp can treat positive length as 0 (if sign bit in RDX is set) (CVE-2019-7309) [25203] libio: Disable vtable validation for pre-2.1 interposed handles [25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs + [25423] Array overflow in backtrace on powerpc Version 2.26 @@ -393,6 +394,9 @@ Security related changes: * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133). +* A use-after-free vulnerability in the glob function when expanding ~user has + been fixed (CVE-2020-1752). + The following bugs are resolved with this release: [984] network: Respond to changed resolv.conf in gethostbyname @@ -620,6 +624,7 @@ The following bugs are resolved with this release: [21839] localedata: Fix LC_MONETARY for ta_LK [21844] localedata: Fix Latin characters and Months Sequence. [21848] localedata: Fix mai_NP Title Name + [25414] 'glob' use-after-free bug (CVE-2020-1752) Version 2.25 |