From: Aurelien Jarno Date: Fri, 1 Dec 2017 20:53:51 +0000 (+0100) Subject: Update NEWS to add CVE-2017-15804 entry X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d81254d2efcb839fd11df2960df5bba579193808;p=thirdparty%2Fglibc.git Update NEWS to add CVE-2017-15804 entry (cherry picked from commit 15e84c63c05e0652047ba5e738c54d79d62ba74b) --- diff --git a/NEWS b/NEWS index 0531dfa9c6d..bc326432551 100644 --- a/NEWS +++ b/NEWS @@ -30,8 +30,8 @@ Security related changes: processing, leading to a memory leak and, potentially, to a denial of service. -* The glob function, when invoked with GLOB_TILDE and without - GLOB_NOESCAPE, could write past the end of a buffer while +* CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and + without GLOB_NOESCAPE, could write past the end of a buffer while unescaping user names. Reported by Tim Rühsen. The following bugs are resolved with this release: