NEWS: merge two sections about security related changes in 2.25.1

author Dmitry V. Levin <ldv@altlinux.org>

Fri, 15 Dec 2017 00:30:45 +0000 (00:30 +0000)

committer Dmitry V. Levin <ldv@altlinux.org>

Fri, 15 Dec 2017 00:30:45 +0000 (00:30 +0000)
author Dmitry V. Levin <ldv@altlinux.org>
Fri, 15 Dec 2017 00:30:45 +0000 (00:30 +0000)
committer Dmitry V. Levin <ldv@altlinux.org>
Fri, 15 Dec 2017 00:30:45 +0000 (00:30 +0000)
diff --git a/NEWS b/NEWS

index 0a8f20e37111acdced23d6aab9e7cb4fd14693d5..d047d96e76914184d4c6c1536084d249ca101eb5 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,10 @@ Security related changes:
  * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes,
    to avoid fragmentation-based spoofing attacks.
  
+  CVE-2017-15670: The glob function, when invoked with GLOB_TILDE, suffered
+  from a one-byte overflow during ~ operator processing (either on the stack
+  or the heap, depending on the length of the user name).
+
    CVE-2017-15671: The glob function, when invoked with GLOB_TILDE,
    would sometimes fail to free memory allocated during ~ operator
    processing, leading to a memory leak and, potentially, to a denial
@@ -38,13 +42,6 @@ The following bugs are resolved with this release:
    [21778] Robust mutex may deadlock
    [21972] assert macro requires operator== (int) for its argument type
    [22322] libc: [mips64] wrong bits/long-double.h installed
-
-Security related changes:
-
-  CVE-2017-15670: The glob function, when invoked with GLOB_TILDE, suffered
-  from a one-byte overflow during ~ operator processing (either on the stack
-  or the heap, depending on the length of the user name).
-
  \f
  Version 2.25
author	Dmitry V. Levin <ldv@altlinux.org>
	Fri, 15 Dec 2017 00:30:45 +0000 (00:30 +0000)
committer	Dmitry V. Levin <ldv@altlinux.org>
	Fri, 15 Dec 2017 00:30:45 +0000 (00:30 +0000)