mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-08 14:20:07 +00:00
Add ChangeLog reference to bug 16750/CVE-2009-5064
This commit is contained in:
parent
eedca9772e
commit
403143e1df
@ -1,5 +1,7 @@
|
||||
2017-08-16 Andreas Schwab <schwab@suse.de>
|
||||
|
||||
[BZ #16750]
|
||||
CVE-2009-5064
|
||||
* elf/ldd.bash.in: Never run file directly.
|
||||
|
||||
2017-08-15 H.J. Lu <hongjiu.lu@intel.com>
|
||||
|
6
NEWS
6
NEWS
@ -22,7 +22,11 @@ Changes to build and runtime requirements:
|
||||
|
||||
Security related changes:
|
||||
|
||||
[Add security related changes here]
|
||||
CVE-2009-5064: The ldd script would sometimes run the program under
|
||||
examination directly, without preventing code execution through the
|
||||
dynamic linker. (The glibc project disputes that this is a security
|
||||
vulnerability; only trusted binaries must be examined using the ldd
|
||||
script.)
|
||||
|
||||
The following bugs are resolved with this release:
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user