From: Florian Weimer <fweimer@redhat.com>
Date: Fri, 31 Jul 2020 10:07:06 +0000 (+0200)
Subject: Move NEWS entry for CVE-2020-1751 to the 2.31 section
X-Git-Tag: glibc-2.32~11
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7f1a08cff82255cd4252a2c75fd65b80a6a170bf;p=thirdparty%2Fglibc.git

Move NEWS entry for CVE-2020-1751 to the 2.31 section

It was fixed in commit d93769405996dfc11d216ddbe415946617b5a494
("Fix array overflow in backtrace on PowerPC (bug 25423)"), which
went into glibc 2.31.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
---

diff --git a/NEWS b/NEWS
index 7fb167e6509..85f91b3ecb7 100644
--- a/NEWS
+++ b/NEWS
@@ -171,9 +171,6 @@ Security related changes:
   corruption when they were passed a pseudo-zero argument.  Reported by Guido
   Vranken / ForAllSecure Mayhem.
 
-  CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
-  out-of-bounds write when executed in a signal frame context.
-
   CVE-2020-1752: A use-after-free vulnerability in the glob function when
   expanding ~user has been fixed.
 
@@ -325,6 +322,9 @@ Changes to build and runtime requirements:
 
 Security related changes:
 
+  CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
+  out-of-bounds write when executed in a signal frame context.
+
   CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
   environment variable during program execution after a security
   transition, allowing local attackers to restrict the possible mapping