This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.



GNU C Library master sources branch master updated. glibc-2.27.9000-33-g71aa429


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  71aa429b029fdb6f9e65d44050388b51eca460d6 (commit)
      from  26c07172cde74617ca7214c93cdcfa75321e6b2b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=71aa429b029fdb6f9e65d44050388b51eca460d6

commit 71aa429b029fdb6f9e65d44050388b51eca460d6
Author: Florian Weimer <fweimer@redhat.com>
Date:   Tue Feb 6 09:19:03 2018 +0100

    Record CVE-2018-6551 in NEWS and ChangeLog [BZ #22774]

diff --git a/ChangeLog b/ChangeLog
index ca221a4..e6e29b1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -999,7 +999,9 @@
 2018-01-18  Arjun Shankar  <arjun@redhat.com>
 
 	[BZ #22343]
+	[BZ #22774]
 	CVE-2018-6485
+	CVE-2018-6551
 	* malloc/malloc.c (checked_request2size): call REQUEST_OUT_OF_RANGE
 	after padding.
 	(_int_memalign): check for integer overflow before calling
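Review bot: The added `[BZ #22774]` and `CVE-2018-6551` lines sit in the entry header beside `[BZ #22343]` and `CVE-2018-6485`, but nothing in the entry says which of the listed changes (`checked_request2size`, `_int_memalign`) belongs to which bug or CVE. Consider annotating each function line with the bug it addresses, so that someone backporting the fix for only one of the two CVEs can tell from the ChangeLog which change to take.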
diff --git a/NEWS b/NEWS
index 06ae43d..3629944 100644
--- a/NEWS
+++ b/NEWS
@@ -291,6 +291,10 @@ Security related changes:
   an object size near the value of SIZE_MAX, would return a pointer to a
   buffer which is too small, instead of NULL.  Reported by Jakub Wilk.
 
+  CVE-2018-6551: The malloc function, when called with an object size near
+  the value of SIZE_MAX, would return a pointer to a buffer which is too
+  small, instead of NULL.
+
 The following bugs are resolved with this release:
 
   [866] glob: glob should match dangling symlinks
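Review bot: The new CVE-2018-6551 paragraph repeats the wording of the entry directly above it ("an object size near the value of SIZE_MAX ... too small, instead of NULL") almost verbatim and, unlike that entry, carries no "Reported by" credit. The only visible difference is that this one names the malloc function, so add a clause saying what distinguishes the two issues (for example the affected configurations or releases), plus a reporter credit if there is one, so downstream maintainers can triage them separately.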

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog |    2 ++
 NEWS      |    4 ++++
 2 files changed, 6 insertions(+), 0 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources

