git.ipfire.org Git - thirdparty/glibc.git/commitdiff
Add references to CVE-2018-11236, CVE-2017-18269
author Florian Weimer <fweimer@redhat.com>
Thu, 24 May 2018 12:41:57 +0000 (14:41 +0200)
committer Fangrui Song <i@maskray.me>
Fri, 27 Aug 2021 23:22:13 +0000 (16:22 -0700)
ChangeLog
NEWS

index 4aa9ff73f8d7e03fceac6051ed7bbdae18f5ce4d..fefd9e43eafb8fd15a8ec154cb80b223c2d192f4 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -34,6 +34,7 @@
 2018-05-09  Paul Pluzhnikov  <ppluzhnikov@google.com>
 
        [BZ #22786]
+       CVE-2018-11236
        * stdlib/canonicalize.c (__realpath): Fix overflow in path length
        computation.
        * stdlib/Makefile (test-bz22786): New test.
            Max Horn  <max@quendi.de>
 
        [BZ #22644]
+       CVE-2017-18269
        * sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S: Fixed
        branch conditions.
        * string/test-memmove.c (do_test2): New testcase.
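Review bot: The two CVE lines are inserted into existing entries credited to Paul Pluzhnikov and Max Horn, and nothing in the ChangeLog records who added them or when. The realpath entry is dated 2018-05-09 and this commit is authored 2018-05-24, so the annotation is retroactive; a sentence in the commit message body saying so would save a reader from assuming the identifiers were part of the original fix commits. Placement directly under the matching [BZ #22786] and [BZ #22644] lines is good, since it keeps bug and CVE together for anyone searching by either identifier.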
diff --git a/NEWS b/NEWS
index ee08fc3d23c41020b3739cc3986b3d02501a3af8..28535db4de1675b4d219aaad425b53ceddc0ff3b 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -52,6 +52,13 @@ The following bugs are resolved with this release:
 
 Security related changes:
 
+  CVE-2017-18269: An SSE2-based memmove implementation for the i386
+  architecture could corrupt memory.  Reported by Max Horn.
+
+  CVE-2018-11236: Very long pathname arguments to realpath function could
+  result in an integer overflow and buffer overflow.  Reported by Alexey
+  Izbyshev.
+
   CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi
   architecture could write beyond the target buffer, resulting in a buffer
   overflow.  Reported by Andreas Schwab.
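Review bot: The CVE-2017-18269 entry names memmove, while the ChangeLog entry it maps to lists the fix in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S, and neither new entry carries the bug number the ChangeLog uses (BZ #22644, BZ #22786). Adding the bug numbers to the two NEWS entries would let a reader get from the advisory text to the fix and its test without guessing which file is involved. Minor wording: "arguments to realpath function" should read "arguments to the realpath function".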