From 0890d5379cac9b7e2a5f09c3647ebad235c1442d Mon Sep 17 00:00:00 2001 From: Aurelien Jarno Date: Fri, 1 Dec 2017 21:53:51 +0100 Subject: [PATCH] Update NEWS to add CVE-2017-15804 entry (cherry picked from commit 15e84c63c05e0652047ba5e738c54d79d62ba74b) --- NEWS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 7d3a326d88e..61bffe0451d 100644 --- a/NEWS +++ b/NEWS @@ -35,8 +35,8 @@ Security related changes: processing, leading to a memory leak and, potentially, to a denial of service. - The glob function, when invoked with GLOB_TILDE and without - GLOB_NOESCAPE, could write past the end of a buffer while + CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and + without GLOB_NOESCAPE, could write past the end of a buffer while unescaping user names. Reported by Tim Rühsen. The following bugs are resolved with this release: -- 2.47.2