mirror/glibc
2
0
Fork 0
mirror of git://sourceware.org/git/glibc.git synced 2025-04-06 14:10:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add NEWS entry for CVE-2018-11236

Browse Source
This commit is contained in:
Florian Weimer 2018-05-24 16:27:38 +02:00
parent a5bc5ec967
commit 4df8479e6b
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@ -74,6 +74,10 @@ Security related changes:
the value of SIZE_MAX, would return a pointer to a buffer which is too
small, instead of NULL.
CVE-2018-11236: Very long pathname arguments to realpath function could
result in an integer overflow and buffer overflow. Reported by Alexey
Izbyshev.
CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi
architecture could write beyond the target buffer, resulting in a buffer
overflow. Reported by Andreas Schwab.