Merge release/2.20/master into ibm/2.20/master

Conflicts:
	NEWS

diff --cc ChangeLog
Simple merge

diff --cc NEWS
index 52d14e38be32b3840f1c5f46d6f09b88b176d2af,dc8679f8cac134fa1cf55f8af077e4e3be8f3589..6181729b61c85f3abbab665b90dc1ab6092f8707
--- 1/NEWS
--- 2/NEWS
+++ b/NEWS
@@@ -10,7 -10,21 +10,21 @@@ Version 2.20.
  * The following bugs are resolved with this release:
  
    16009, 16617, 16618, 17266, 17269, 17370, 17371, 17460, 17485, 17555,
-   17625, 17630, 17801, 18007, 18032, 18287, 18665, 18694, 18928, 19018.
 -  17625, 17630, 17801, 17905, 18032, 18080, 18240, 18508, 18665, 18694,
 -  18928, 19018, 19682.
++  17625, 17630, 17801, 17905, 18007, 18032, 18080, 18240, 18287, 18508,
++  18665, 18694, 18928, 19018, 19682.
+ 
+ * The glob function suffered from a stack-based buffer overflow when it was
+   called with the GLOB_ALTDIRFUNC flag and encountered a long file name.
+   Reported by Alexander Cherepanov.  (CVE-2016-1234)
+ 
+ * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed.  It
+   could result in a stack overflow when getnetbyname was called with an
+   overly long name.  (CVE-2016-3075)
+ 
+ * Previously, getaddrinfo copied large amounts of address data to the stack,
+   even after the fix for CVE-2013-4458 has been applied, potentially
+   resulting in a stack overflow.  getaddrinfo now uses a heap allocation
+   instead.  Reported by Michael Petlan.  (CVE-2016-3706)
  
  * A stack-based buffer overflow was found in libresolv when invoked from
    libnss_dns, allowing specially crafted DNS responses to seize control