Add CVE-2013-4332 to NEWS.

author Will Newton <will.newton@linaro.org>

Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)

committer Adhemerval Zanella <azanella@linux.vnet.ibm.com>

Fri, 1 Nov 2013 17:58:22 +0000 (12:58 -0500)
author Will Newton <will.newton@linaro.org>
Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)
committer Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Fri, 1 Nov 2013 17:58:22 +0000 (12:58 -0500)
diff --git a/NEWS b/NEWS

index e8f1099755c06098216806be155ab3fda70a3644..ef92d7ceba50fed09226ed2a70b446c71514bd6d 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,11 @@ Version 2.18
    15654, 15655, 15666, 15667, 15674, 15711, 15755, 15759, 15797, 15892,
    15893, 15895, 15917, 15988, 16072.
  
+* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and
+  aligned_alloc functions could allocate too few bytes or corrupt the
+  heap when passed very large allocation size values (Bugzilla #15855,
+  #15856, #15857).
+
  * CVE-2013-4788 The pointer guard used for pointer mangling was not
    initialized for static applications resulting in the security feature
    being disabled. The pointer guard is now correctly initialized to a
author	Will Newton <will.newton@linaro.org>
	Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)
committer	Adhemerval Zanella <azanella@linux.vnet.ibm.com>
	Fri, 1 Nov 2013 17:58:22 +0000 (12:58 -0500)