diff options
author | Florian Weimer <fweimer@redhat.com> | 2017-12-06 07:39:25 +0100 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2017-12-06 07:40:42 +0100 |
commit | 37ac8e635a29810318f6d79902102e2e96b2b5bf (patch) | |
tree | e9dc4ee94b88e8d0c64961a91c8e4a4def8bb774 | |
parent | 87235d7006afcb681ff7422bae346da7dcd995d7 (diff) | |
download | glibc-37ac8e635a29810318f6d79902102e2e96b2b5bf.zip glibc-37ac8e635a29810318f6d79902102e2e96b2b5bf.tar.gz glibc-37ac8e635a29810318f6d79902102e2e96b2b5bf.tar.bz2 |
Add references to CVE-2017-17426
-rw-r--r-- | ChangeLog | 1 | ||||
-rw-r--r-- | NEWS | 5 |
2 files changed, 6 insertions, 0 deletions
@@ -1164,6 +1164,7 @@ 2017-11-30 Arjun Shankar <arjun@redhat.com> [BZ #22375] + CVE-2017-17426 * malloc/malloc.c (__libc_malloc): Use checked_request2size instead of request2size. @@ -112,6 +112,11 @@ Security related changes: without GLOB_NOESCAPE, could write past the end of a buffer while unescaping user names. Reported by Tim Rühsen. + CVE-2017-17426: The malloc function, when called with an object size near + the value SIZE_MAX, would return a pointer to a buffer which is too small, + instead of NULL. This was a regression introduced with the new malloc + thread cache in glibc 2.26. Reported by Iain Buclaw. + The following bugs are resolved with this release: [The release manager will add the list generated by |