From ec2c1fcefb200c6cb7e09553f3c6af8815013d83 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Wed, 30 Aug 2017 16:39:41 +0200
Subject: malloc: Abort on heap corruption, without a backtrace [BZ #21754]

The stack trace printing caused deadlocks and has been itself been
targeted by code execution exploits.
---
 NEWS | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 8fe0879..625bcc6 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,14 @@ Major new features:
 * Optimized x86-64 asin, atan2, exp, expf, log, pow, atan, sin and tan
   with FMA, contributed by Arjan van de Ven and H.J. Lu from Intel.
 
+* In order to support faster and safer process termination the malloc API
+  family of functions will no longer print a failure address and stack
+  backtrace after detecting heap corruption.  The goal is to minimize the
+  amount of work done after corruption is detected and to avoid potential
+  security issues in continued process execution.  Reducing shutdown time
+  leads to lower overall process restart latency, so there is benefit both
+  from a security and performance perspective.
+
 Deprecated and removed features, and other changes affecting compatibility:
 
 * On GNU/Linux, the obsolete Linux constant PTRACE_SEIZE_DEVEL is no longer
-- 
cgit v1.1