AuroraMiddleware/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2024-11-21 20:40:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Record CVE-2018-6551 in NEWS and ChangeLog [BZ #22774]

Browse Source
This commit is contained in:
Florian Weimer 2018-02-06 09:19:03 +01:00
parent 26c07172cd
commit 71aa429b02
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -999,7 +999,9 @@
2018-01-18 Arjun Shankar <arjun@redhat.com> 2018-01-18 Arjun Shankar <arjun@redhat.com>
[BZ #22343] [BZ #22343]
[BZ #22774]
CVE-2018-6485 CVE-2018-6485
CVE-2018-6551
* malloc/malloc.c (checked_request2size): call REQUEST_OUT_OF_RANGE * malloc/malloc.c (checked_request2size): call REQUEST_OUT_OF_RANGE
after padding. after padding.
(_int_memalign): check for integer overflow before calling (_int_memalign): check for integer overflow before calling

4
NEWS
View File

@ -291,6 +291,10 @@ Security related changes:
an object size near the value of SIZE_MAX, would return a pointer to a an object size near the value of SIZE_MAX, would return a pointer to a
buffer which is too small, instead of NULL. Reported by Jakub Wilk. buffer which is too small, instead of NULL. Reported by Jakub Wilk.
CVE-2018-6551: The malloc function, when called with an object size near
the value of SIZE_MAX, would return a pointer to a buffer which is too
small, instead of NULL.
The following bugs are resolved with this release: The following bugs are resolved with this release:
[866] glob: glob should match dangling symlinks [866] glob: glob should match dangling symlinks