CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320]

author: Paul Eggert <eggert@cs.ucla.edu> 2017-10-20 18:41:14 +0200
committer: Florian Weimer <fweimer@redhat.com> 2017-10-20 18:46:48 +0200
commit: c369d66e5426a30e4725b100d5cd28e372754f90 (patch)
tree: 252d4ee0e4196f335fc864d10a38f5c6cb6c36f3 /NEWS
parent: 6d43de4b85b11d26a19bebe4f55f31be16e3d419 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index ad680db874..e0e505690b 100644
--- a/NEWS
+++ b/NEWS
@@ -72,6 +72,10 @@ Security related changes:
   vulnerability; only trusted binaries must be examined using the ldd
   script.)
 
+  CVE-2017-15670: The glob function, when invoked with GLOB_TILDE, suffered
+  from a one-byte overflow during ~ operator processing (either on the stack
+  or the heap, depending on the length of the user name).
+
 The following bugs are resolved with this release:
 
   [The release manager will add the list generated by
author	Paul Eggert <eggert@cs.ucla.edu>	2017-10-20 18:41:14 +0200
committer	Florian Weimer <fweimer@redhat.com>	2017-10-20 18:46:48 +0200
commit	c369d66e5426a30e4725b100d5cd28e372754f90 (patch)
tree	252d4ee0e4196f335fc864d10a38f5c6cb6c36f3 /NEWS
parent	6d43de4b85b11d26a19bebe4f55f31be16e3d419 (diff)