Add NEWS entry for CVE-2020-1751 (bug 25423)
Commit Message
---
NEWS | 3 +++
1 file changed, 3 insertions(+)
Comments
On 3/24/20 11:06 AM, Aurelien Jarno wrote:
> ---
> NEWS | 3 +++
> 1 file changed, 3 insertions(+)
>
OK with suggested text.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> diff --git a/NEWS b/NEWS
> index 68a408a3bc6..0b1a6b43683 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -25,6 +25,9 @@ Security related changes:
> corruption when they were passed a pseudo-zero argument. Reported by Guido
> Vranken / ForAllSecure Mayhem.
>
> + CVE-2020-1751: When unwinding through a signal frame the backtrace function
> + on PowerPC didn't check array bounds when storing the frame address.
I want cause + consequence text for CVEs.
Suggesting:
CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.
> +
> CVE-2020-1752: A use-after-free vulnerability in the glob function when
> expanding ~user has been fixed.
>
>
On 2020-03-24 12:48, Carlos O'Donell wrote:
> On 3/24/20 11:06 AM, Aurelien Jarno wrote:
> > ---
> > NEWS | 3 +++
> > 1 file changed, 3 insertions(+)
> >
>
> OK with suggested text.
>
> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
>
> > diff --git a/NEWS b/NEWS
> > index 68a408a3bc6..0b1a6b43683 100644
> > --- a/NEWS
> > +++ b/NEWS
> > @@ -25,6 +25,9 @@ Security related changes:
> > corruption when they were passed a pseudo-zero argument. Reported by Guido
> > Vranken / ForAllSecure Mayhem.
> >
> > + CVE-2020-1751: When unwinding through a signal frame the backtrace function
> > + on PowerPC didn't check array bounds when storing the frame address.
>
> I want cause + consequence text for CVEs.
>
> Suggesting:
>
> CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
> out-of-bounds write when executed in a signal frame context.
>
Thanks for the review and the suggestion. I have just committed it with
the suggested text.
Cheers,
Aurelien
@@ -25,6 +25,9 @@ Security related changes:
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.
+ CVE-2020-1751: When unwinding through a signal frame the backtrace function
+ on PowerPC didn't check array bounds when storing the frame address.
+
CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.