Add CVE-2013-4332 to NEWS.

author Will Newton <will.newton@linaro.org>

Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)

committer Adhemerval Zanella <azanella@linux.vnet.ibm.com>

Fri, 15 Nov 2013 17:43:16 +0000 (11:43 -0600)
author Will Newton <will.newton@linaro.org>
Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)
committer Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Fri, 15 Nov 2013 17:43:16 +0000 (11:43 -0600)
diff --git a/NEWS b/NEWS

index d97a4aca42105dc83e4497158efa55d84140aa89..a816bc10bdcbad8718f58ad9385d4c6dd3cfe60e 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -45,6 +45,11 @@ Version 2.18
    15655, 15666, 15667, 15674, 15711, 15755, 15759, 15797, 15892, 15893,
    15895.
  
+* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and
+  aligned_alloc functions could allocate too few bytes or corrupt the
+  heap when passed very large allocation size values (Bugzilla #15855,
+  #15856, #15857).
+
  * CVE-2013-4788 The pointer guard used for pointer mangling was not
    initialized for static applications resulting in the security feature
    being disabled. The pointer guard is now correctly initialized to a
author	Will Newton <will.newton@linaro.org>
	Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)
committer	Adhemerval Zanella <azanella@linux.vnet.ibm.com>
	Fri, 15 Nov 2013 17:43:16 +0000 (11:43 -0600)