Move NEWS entry for CVE-2020-1751 to the 2.31 section

It was fixed in commit d937694059 ("Fix array overflow in backtrace on PowerPC (bug 25423)"), which went into glibc 2.31. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-11-21 12:30:06 +00:00 · 2020-07-31 12:07:06 +02:00 · 2020-07-31 12:07:06 +02:00 · 7f1a08cff8
commit 7f1a08cff8
parent 89c255294a
1 changed files with 3 additions and 3 deletions
--- a/6
+++ b/6
@ -171,9 +171,6 @@ Security related changes:
  corruption when they were passed a pseudo-zero argument.  Reported by Guido
  Vranken / ForAllSecure Mayhem.

-  CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
-  out-of-bounds write when executed in a signal frame context.
-
  CVE-2020-1752: A use-after-free vulnerability in the glob function when
  expanding ~user has been fixed.

@ -325,6 +322,9 @@ Changes to build and runtime requirements:

 Security related changes:

+  CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
+  out-of-bounds write when executed in a signal frame context.
+
  CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
  environment variable during program execution after a security
  transition, allowing local attackers to restrict the possible mapping