From ba0d798c17cafecd97b2cadf8b5e19800b967f82 Mon Sep 17 00:00:00 2001 From: Will Newton Date: Fri, 13 Sep 2013 09:26:02 +0100 Subject: [PATCH] Add CVE-2013-4332 to NEWS. --- NEWS | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/NEWS b/NEWS index b1d4d3db63..af58b752ea 100644 --- a/NEWS +++ b/NEWS @@ -17,6 +17,11 @@ Version 2.19 to the d_name member of struct dirent, or omit the terminating NUL character. (Bugzilla #14699). +* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and + aligned_alloc functions could allocate too few bytes or corrupt the + heap when passed very large allocation size values (Bugzilla #15855, + #15856, #15857). + * New locales: quz_PE. * Add country_car field to LC_ADDRESS, many locales.