diff options
author | Florian Weimer <fweimer@redhat.com> | 2018-05-24 14:41:57 +0200 |
---|---|---|
committer | Fangrui Song <i@maskray.me> | 2021-08-27 16:22:13 -0700 |
commit | 537386b1c93f21c297907e99a5ba7c583b5f5006 (patch) | |
tree | df7c912282a87ddcf3345ba216bba933bc11e08b /NEWS | |
parent | 3eb848f53564dc1c7a5271031fd16cc312db2125 (diff) | |
download | glibc-537386b1c93f21c297907e99a5ba7c583b5f5006.zip glibc-537386b1c93f21c297907e99a5ba7c583b5f5006.tar.gz glibc-537386b1c93f21c297907e99a5ba7c583b5f5006.tar.bz2 |
Add references to CVE-2018-11236, CVE-2017-18269
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -52,6 +52,13 @@ The following bugs are resolved with this release: Security related changes: + CVE-2017-18269: An SSE2-based memmove implementation for the i386 + architecture could corrupt memory. Reported by Max Horn. + + CVE-2018-11236: Very long pathname arguments to realpath function could + result in an integer overflow and buffer overflow. Reported by Alexey + Izbyshev. + CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi architecture could write beyond the target buffer, resulting in a buffer overflow. Reported by Andreas Schwab. |