This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.26.9000-903-g15e84c6
- From: aurel32 at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 1 Dec 2017 20:55:38 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.26.9000-903-g15e84c6
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 15e84c63c05e0652047ba5e738c54d79d62ba74b (commit)
from 428fc49eaafe0fe5352445fcf23d9f603e9083a2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=15e84c63c05e0652047ba5e738c54d79d62ba74b
commit 15e84c63c05e0652047ba5e738c54d79d62ba74b
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Fri Dec 1 21:53:51 2017 +0100
Update NEWS to add CVE-2017-15804 entry
diff --git a/NEWS b/NEWS
index 48af4ac..10f695a 100644
--- a/NEWS
+++ b/NEWS
@@ -100,8 +100,8 @@ Security related changes:
processing, leading to a memory leak and, potentially, to a denial
of service.
- The glob function, when invoked with GLOB_TILDE and without
- GLOB_NOESCAPE, could write past the end of a buffer while
+ CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and
+ without GLOB_NOESCAPE, could write past the end of a buffer while
unescaping user names. Reported by Tim Rühsen.
The following bugs are resolved with this release:
-----------------------------------------------------------------------
Summary of changes:
NEWS | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
hooks/post-receive
--
GNU C Library master sources