| Message ID | 20171201205553.24195-1-aurelien@aurel32.net |
|---|---|
| State | New |
| Headers | show |
| Series | [COMMITTED] Update NEWS to add CVE-2017-15804 entry | expand |
diff --git a/NEWS b/NEWS index 48af4acaea..10f695aab1 100644 --- a/NEWS +++ b/NEWS @@ -100,8 +100,8 @@ Security related changes: processing, leading to a memory leak and, potentially, to a denial of service. - The glob function, when invoked with GLOB_TILDE and without - GLOB_NOESCAPE, could write past the end of a buffer while + CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and + without GLOB_NOESCAPE, could write past the end of a buffer while unescaping user names. Reported by Tim Rühsen. The following bugs are resolved with this release: