From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-stable-return-1041-listarch-libc-stable=sourceware.org@sourceware.org>
Received: (qmail 90679 invoked by alias); 22 Nov 2019 12:46:20 -0000
Mailing-List: contact libc-stable-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:libc-stable@sourceware.org>
List-Help: <mailto:libc-stable-help@sourceware.org>
List-Subscribe: <mailto:libc-stable-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-stable/>
Sender: libc-stable-owner@sourceware.org
Received: (qmail 90668 invoked by uid 89); 22 Nov 2019 12:46:20 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Checked: by ClamAV 0.100.3 on sourceware.org
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-18.1 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,KAM_NUMSUBJECT autolearn=ham version=3.3.1 spammy=
X-Spam-Status: No, score=-18.1 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,KAM_NUMSUBJECT autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on sourceware.org
X-Spam-Level:
X-HELO: us-smtp-delivery-1.mimecast.com
Received: from us-smtp-2.mimecast.com (HELO us-smtp-delivery-1.mimecast.com) (207.211.31.81) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 22 Nov 2019 12:46:19 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;	s=mimecast20190719; t=1574426778;	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:	 to:to:cc:mime-version:mime-version:content-type:content-type:	 content-transfer-encoding:content-transfer-encoding;	bh=5/lLhS9R/Yrr515V0TaQGXOMUFbP5eeFCHADAK5wNlM=;	b=I5c6W7bZdsTKM5Ek8z2kR+wQ5AmafRHgDGbOIwnbqsnIt3IHx5xyAe/rMFiiQq3UFefVo9	G46paDjs8o+gdmYXS5OQIbzHTGRhSXh1ma8vzjJDYXIfyvmyRuswSeM0cUUT8PQKRDaDBg	HrvExU24NEyQvumVSjm0gFxGlnWilQU=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-45-lVMiEfdEO-OBTdF-G3wy8w-1; Fri, 22 Nov 2019 07:46:16 -0500
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13])	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))	(No client certificate requested)	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 5EDFF10054E3	for <libc-stable@sourceware.org>; Fri, 22 Nov 2019 12:46:15 +0000 (UTC)
Received: from oldenburg2.str.redhat.com (dhcp-192-200.str.redhat.com [10.33.192.200])	by smtp.corp.redhat.com (Postfix) with ESMTPS id 350FC67E5F	for <libc-stable@sourceware.org>; Fri, 22 Nov 2019 12:46:15 +0000 (UTC)
Received: by oldenburg2.str.redhat.com (Postfix, from userid 1000)	id A2FFE818D940; Fri, 22 Nov 2019 13:46:13 +0100 (CET)
Date: Tue, 01 Jan 2019 00:00:00 -0000
To: libc-stable@sourceware.org
Subject: [2.29 COMMITTED] Update NEWS for CVE-2019-19126
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Message-Id: <20191122124613.A2FFE818D940@oldenburg2.str.redhat.com>
From: Florian Weimer <fweimer@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-MC-Unique: lVMiEfdEO-OBTdF-G3wy8w-1
X-Mimecast-Spam-Score: 0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-IsSubscribed: yes
X-SW-Source: 2019-11/txt/msg00025.txt.bz2

diff --git a/NEWS b/NEWS
index 4ad7c47d5f..6b3f4e0776 100644
--- a/NEWS
+++ b/NEWS
@@ -51,6 +51,12 @@ Security related changes:
   via proceed_next_node in posix/regexec.c leads to heap-based buffer
   over-read.  Reported by Hongxu Chen.
=20
+  CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
+  environment variable during program execution after a security
+  transition, allowing local attackers to restrict the possible mapping
+  addresses for loaded libraries and thus bypass ASLR for a setuid
+  program.  Reported by Marcin Ko=C5=9Bcielnicki.
+
 =0C
 Version 2.29
=20