From: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
Date: Fri, 1 Apr 2016 18:58:16 +0000 (-0300)
Subject: NEWS: update from previous commit
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fc58942b399b240b939e160e164ce95da3cefd10;p=thirdparty%2Fglibc.git

NEWS: update from previous commit
---

diff --git a/NEWS b/NEWS
index a3dd3c79da1..8aa1206ea8f 100644
--- a/NEWS
+++ b/NEWS
@@ -25,7 +25,12 @@ Version 2.22.1
 
   17905, 18420, 18421, 18480, 18589, 18743, 18778, 18781, 18787, 18796,
   18870, 18887, 18921, 18928, 18969, 18985, 19003, 19018, 19058, 19174,
-  19178, 19590, 19682, 19791, 19822.
+  19178, 19590, 19682, 19791, 19822, 19879.
+
+* The getnetbyname implementation in nss_dns had a potentially unbounded
+  alloca call (in the form of a call to strdupa), leading to a stack
+  overflow (stack exhaustion) and a crash if getnetbyname is invoked
+  on a very long name.  (CVE-2016-3075)
 
 * The LD_POINTER_GUARD environment variable can no longer be used to
   disable the pointer guard feature.  It is always enabled.