This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.21-6-g46d5487
- From: fw at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 6 Feb 2015 15:58:10 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.21-6-g46d5487
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 46d54873c379cb1a3acc501587a5bc22c0767b38 (commit)
from 1c7a4a51a30dd001c81630156458ee55fc2e883c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=46d54873c379cb1a3acc501587a5bc22c0767b38
commit 46d54873c379cb1a3acc501587a5bc22c0767b38
Author: Florian Weimer <fweimer@redhat.com>
Date: Fri Feb 6 16:28:24 2015 +0100
NEWS: Also mention CVE-2015-1473
diff --git a/NEWS b/NEWS
index 1f839bc..585eda6 100644
--- a/NEWS
+++ b/NEWS
@@ -27,10 +27,11 @@ Version 2.21
17801, 17803, 17806, 17834, 17844, 17848, 17868, 17869, 17870, 17885,
17892.
-* CVE-2015-1472 Under certain conditions wscanf can allocate too little
- memory for the to-be-scanned arguments and overflow the allocated
- buffer. The implementation now correctly computes the required buffer
- size when using malloc.
+* CVE-2015-1472 CVE-2015-1473 Under certain conditions wscanf can allocate
+ too little memory for the to-be-scanned arguments and overflow the
+ allocated buffer. The implementation now correctly computes the required
+ buffer size when using malloc, and switches to malloc from alloca as
+ intended.
* A new semaphore algorithm has been implemented in generic C code for all
machines. Previous custom assembly implementations of semaphore were
-----------------------------------------------------------------------
Summary of changes:
NEWS | 9 +++++----
1 files changed, 5 insertions(+), 4 deletions(-)
hooks/post-receive
--
GNU C Library master sources