From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <fw@sourceware.org>
Received: by sourceware.org (Postfix, from userid 2178)
 id 557A73858D35; Fri, 31 Jul 2020 11:00:00 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 557A73858D35
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Florian Weimer <fw@sourceware.org>
To: glibc-cvs@sourceware.org
Subject: [glibc] Move NEWS entry for CVE-2020-1751 to the 2.31 section
X-Act-Checkin: glibc
X-Git-Author: Florian Weimer <fweimer@redhat.com>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 89c255294a5b14dd88e45ed3b2a2a66517ed1a6f
X-Git-Newrev: 7f1a08cff82255cd4252a2c75fd65b80a6a170bf
Message-Id: <20200731110000.557A73858D35@sourceware.org>
Date: Fri, 31 Jul 2020 11:00:00 +0000 (GMT)
X-BeenThere: glibc-cvs@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Glibc-cvs mailing list <glibc-cvs.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/glibc-cvs>,
 <mailto:glibc-cvs-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/glibc-cvs/>
List-Help: <mailto:glibc-cvs-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/glibc-cvs>,
 <mailto:glibc-cvs-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2020 11:00:00 -0000

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7f1a08cff82255cd4252a2c75fd65b80a6a170bf

commit 7f1a08cff82255cd4252a2c75fd65b80a6a170bf
Author: Florian Weimer <fweimer@redhat.com>
Date:   Fri Jul 31 12:07:06 2020 +0200

    Move NEWS entry for CVE-2020-1751 to the 2.31 section
    
    It was fixed in commit d93769405996dfc11d216ddbe415946617b5a494
    ("Fix array overflow in backtrace on PowerPC (bug 25423)"), which
    went into glibc 2.31.
    
    Reviewed-by: Carlos O'Donell <carlos@redhat.com>

Diff:
---
 NEWS | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index 7fb167e650..85f91b3ecb 100644
--- a/NEWS
+++ b/NEWS
@@ -171,9 +171,6 @@ Security related changes:
   corruption when they were passed a pseudo-zero argument.  Reported by Guido
   Vranken / ForAllSecure Mayhem.
 
-  CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
-  out-of-bounds write when executed in a signal frame context.
-
   CVE-2020-1752: A use-after-free vulnerability in the glob function when
   expanding ~user has been fixed.
 
@@ -325,6 +322,9 @@ Changes to build and runtime requirements:
 
 Security related changes:
 
+  CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
+  out-of-bounds write when executed in a signal frame context.
+
   CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
   environment variable during program execution after a security
   transition, allowing local attackers to restrict the possible mapping