Separate internal state between getXXent and getXXbyYY NSS calls (bug 18007)

author: Andreas Schwab <schwab@suse.de> 2015-03-25 16:35:46 +0100
committer: Andreas Schwab <schwab@suse.de> 2015-05-11 10:41:49 +0200
commit: b13b96ca05a132a12dc5f3712b99e626670716bf (patch)
tree: 2b1ab6395ec3b6e44c63513858e2c53383747733 /NEWS
parent: e1b6cb04f5efff7fb7415c69511d3ab3c31c6e4a (diff)
download: glibc-b13b96ca05a132a12dc5f3712b99e626670716bf.zip
glibc-b13b96ca05a132a12dc5f3712b99e626670716bf.tar.gz
glibc-b13b96ca05a132a12dc5f3712b99e626670716bf.tar.bz2
1 files changed, 3 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index fb42283..c1054cc 100644
--- a/NEWS
+++ b/NEWS
@@ -44,10 +44,9 @@ Version 2.22
   Hat).  These updates cause user visible changes, such as the fix for bug
   17998.
 
-* CVE-2014-8121 The NSS files backend would reset the file pointer used by
-  the get*ent functions if any of the query functions for the same database
-  are used during the iteration, causing a denial-of-service condition in
-  some applications.
+* CVE-2014-8121 The NSS backends shared internal state between the getXXent
+  and getXXbyYY NSS calls for the same database, causing a denial-of-service
+  condition in some applications.
 
 Version 2.21
author	Andreas Schwab <schwab@suse.de>	2015-03-25 16:35:46 +0100
committer	Andreas Schwab <schwab@suse.de>	2015-05-11 10:41:49 +0200
commit	b13b96ca05a132a12dc5f3712b99e626670716bf (patch)
tree	2b1ab6395ec3b6e44c63513858e2c53383747733 /NEWS
parent	e1b6cb04f5efff7fb7415c69511d3ab3c31c6e4a (diff)
download	glibc-b13b96ca05a132a12dc5f3712b99e626670716bf.zip glibc-b13b96ca05a132a12dc5f3712b99e626670716bf.tar.gz glibc-b13b96ca05a132a12dc5f3712b99e626670716bf.tar.bz2