diff options
| author | Aurelien Jarno <aurelien@aurel32.net> | 2020-03-24 22:49:10 +0100 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@altlinux.org> | 2020-11-16 08:00:00 +0000 |
| commit | e07504674324fd2fea2fab7d30277725b2b0fe3b (patch) | |
| tree | 8adcfc6dca5159b34e7d1dac9086bcdb53f7804c | |
| parent | daf88b1dd1a41fcb324801c02ead7a8d5aac3851 (diff) | |
Add NEWS entry for CVE-2020-1751 (bug 25423)
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 07d16a6debc830ebcf9533da5396edd2eff688e0)
| -rw-r--r-- | NEWS | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -73,6 +73,9 @@ Security related changes: addresses for loaded libraries and thus bypass ASLR for a setuid program. Reported by Marcin KoĆcielnicki. + CVE-2020-1751: A defect in the PowerPC backtrace function could cause an + out-of-bounds write when executed in a signal frame context. + CVE-2020-1752: A use-after-free vulnerability in the glob function when expanding ~user has been fixed. |