public inbox for glibc-cvs@sourceware.org
help / color / mirror / Atom feed
* [glibc] Move NEWS entry for CVE-2020-1751 to the 2.31 section
@ 2020-07-31 11:00 Florian Weimer
0 siblings, 0 replies; only message in thread
From: Florian Weimer @ 2020-07-31 11:00 UTC (permalink / raw)
To: glibc-cvs
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7f1a08cff82255cd4252a2c75fd65b80a6a170bf
commit 7f1a08cff82255cd4252a2c75fd65b80a6a170bf
Author: Florian Weimer <fweimer@redhat.com>
Date: Fri Jul 31 12:07:06 2020 +0200
Move NEWS entry for CVE-2020-1751 to the 2.31 section
It was fixed in commit d93769405996dfc11d216ddbe415946617b5a494
("Fix array overflow in backtrace on PowerPC (bug 25423)"), which
went into glibc 2.31.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Diff:
---
NEWS | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/NEWS b/NEWS
index 7fb167e650..85f91b3ecb 100644
--- a/NEWS
+++ b/NEWS
@@ -171,9 +171,6 @@ Security related changes:
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.
- CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
- out-of-bounds write when executed in a signal frame context.
-
CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.
@@ -325,6 +322,9 @@ Changes to build and runtime requirements:
Security related changes:
+ CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
+ out-of-bounds write when executed in a signal frame context.
+
CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2020-07-31 11:00 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-31 11:00 [glibc] Move NEWS entry for CVE-2020-1751 to the 2.31 section Florian Weimer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).