This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[COMMITTED] Update NEWS to add CVE-2017-15804 entry
- From: Aurelien Jarno <aurelien at aurel32 dot net>
- To: libc-alpha at sourceware dot org
- Cc: Aurelien Jarno <aurelien at aurel32 dot net>
- Date: Fri, 1 Dec 2017 21:55:53 +0100
- Subject: [COMMITTED] Update NEWS to add CVE-2017-15804 entry
- Authentication-results: sourceware.org; auth=none
---
NEWS | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/NEWS b/NEWS
index 48af4acaea..10f695aab1 100644
--- a/NEWS
+++ b/NEWS
@@ -100,8 +100,8 @@ Security related changes:
processing, leading to a memory leak and, potentially, to a denial
of service.
- The glob function, when invoked with GLOB_TILDE and without
- GLOB_NOESCAPE, could write past the end of a buffer while
+ CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and
+ without GLOB_NOESCAPE, could write past the end of a buffer while
unescaping user names. Reported by Tim Rühsen.
The following bugs are resolved with this release:
--
2.15.0