mirror of
git://sourceware.org/git/glibc.git
synced 2024-11-21 01:12:26 +08:00
NEWS entry for CVE-2016-3075
This commit is contained in:
parent
4ab2ab03d4
commit
f5b3338d70
4
NEWS
4
NEWS
@ -27,6 +27,10 @@ Version 2.24
|
||||
|
||||
Security related changes:
|
||||
|
||||
* An unnecessary stack copy in _nss_dns_getnetbyname_r was removed. It
|
||||
could result in a stack overflow when getnetbyname was called with an
|
||||
overly long name. (CVE-2016-3075)
|
||||
|
||||
* Previously, getaddrinfo copied large amounts of address data to the stack,
|
||||
even after the fix for CVE-2013-4458 has been applied, potentially
|
||||
resulting in a stack overflow. getaddrinfo now uses a heap allocation
|
||||
|
Loading…
Reference in New Issue
Block a user