From: Will Newton <will.newton@linaro.org>
Date: Fri, 13 Sep 2013 08:26:02 +0000 (+0100)
Subject: Add CVE-2013-4332 to NEWS.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e20644b3a6f96eb053ab4c2c900f7bef7f472916;p=thirdparty%2Fglibc.git

Add CVE-2013-4332 to NEWS.
---

diff --git a/NEWS b/NEWS
index e8f1099755c..ef92d7ceba5 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,11 @@ Version 2.18
   15654, 15655, 15666, 15667, 15674, 15711, 15755, 15759, 15797, 15892,
   15893, 15895, 15917, 15988, 16072.
 
+* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and
+  aligned_alloc functions could allocate too few bytes or corrupt the
+  heap when passed very large allocation size values (Bugzilla #15855,
+  #15856, #15857).
+
 * CVE-2013-4788 The pointer guard used for pointer mangling was not
   initialized for static applications resulting in the security feature
   being disabled. The pointer guard is now correctly initialized to a