Update NEWS for bug 22343 and bug 22774

author Arjun Shankar <arjun@redhat.com>

Thu, 8 Feb 2018 16:04:17 +0000 (17:04 +0100)

committer Arjun Shankar <arjun@redhat.com>

Thu, 8 Feb 2018 16:04:17 +0000 (17:04 +0100)
author Arjun Shankar <arjun@redhat.com>
Thu, 8 Feb 2018 16:04:17 +0000 (17:04 +0100)
committer Arjun Shankar <arjun@redhat.com>
Thu, 8 Feb 2018 16:04:17 +0000 (17:04 +0100)
diff --git a/NEWS b/NEWS

index 0b0a6e8b5f73b463444cafc903a24697e419028d..410f0d163145c1549fb73fdd96568f585b5bf62f 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -107,6 +107,7 @@ The following bugs are resolved with this release:
    [22321] sysconf: Fix missing definition of UIO_MAXIOV on Linux
    [22322] libc: [mips64] wrong bits/long-double.h installed
    [22325] glibc: Memory leak in glob with GLOB_TILDE (CVE-2017-15671)
+  [22343] malloc: Integer overflow in posix_memalign (CVE-2018-6485)
    [22375] malloc returns pointer from tcache instead of NULL (CVE-2017-17426)
    [22377] Provide a C++ version of iseqsig
    [22636] PTHREAD_STACK_MIN is too small on x86-64
@@ -116,6 +117,7 @@ The following bugs are resolved with this release:
      (CVE-2018-1000001)
    [22685] powerpc: Fix syscalls during early process initialization
    [22715] x86-64: Properly align La_x86_64_retval to VEC_SIZE
+  [22774] malloc: Integer overflow in malloc (CVE-2018-6551)
  \f
  Version 2.26
author	Arjun Shankar <arjun@redhat.com>
	Thu, 8 Feb 2018 16:04:17 +0000 (17:04 +0100)
committer	Arjun Shankar <arjun@redhat.com>
	Thu, 8 Feb 2018 16:04:17 +0000 (17:04 +0100)