From 3b6ac4b1093333f364698ca3bb812c80b11c2f77 Mon Sep 17 00:00:00 2001
From: Allan McRae <allan@archlinux.org>
Date: Sat, 21 Jun 2014 17:23:55 +1000
Subject: Mention CVE-2014-4043 in NEWS

---
 ChangeLog | 4 ++++
 NEWS      | 6 ++++++
 2 files changed, 10 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index a101ac8..ed23b08 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2014-06-21  Allan McRae  <allan@archlinux.org>
+
+	* NEWS: Mention CVE-2014-4043.
+
 2014-06-11  Florian Weimer  <fweimer@redhat.com>
 
 	[BZ #17048]
diff --git a/NEWS b/NEWS
index 1745060..a0bf400 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,12 @@ Version 2.16.1
   6530, 14195, 14547, 14459, 14476, 14562, 14621, 14648, 14699, 14756, 14831,
   15078, 15754, 15755, 16072, 17048, 17137, 17187, 17325.
 
+* CVE-2014-4043 The posix_spawn_file_actions_addopen implementation did not
+  copy the path argument.  This allowed programs to cause posix_spawn to
+  deference a dangling pointer, or use an unexpected pathname argument if
+  the string was modified after the posix_spawn_file_actions_addopen
+  invocation.
+
 * Decoding a crafted input sequence in the character sets IBM933, IBM935,
   IBM937, IBM939, IBM1364 could result in an out-of-bounds array read,
   resulting a denial-of-service security vulnerability in applications which
-- 
cgit v1.1