From patchwork Thu Dec 18 01:03:17 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Allan McRae X-Patchwork-Id: 4330 Received: (qmail 29633 invoked by alias); 18 Dec 2014 01:03:39 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 29607 invoked by uid 89); 18 Dec 2014 01:03:35 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.2 required=5.0 tests=AWL, BAYES_00, SPF_PASS, T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: nymeria.archlinux.org From: Allan McRae To: libc-alpha@sourceware.org Subject: [COMMITTED] Label CVE-2014-9402 in NEWS Date: Thu, 18 Dec 2014 11:03:17 +1000 Message-Id: <1418864597-4837-1-git-send-email-allan@archlinux.org> --- NEWS | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 05b398e..6b34b13 100644 --- a/NEWS +++ b/NEWS @@ -26,8 +26,9 @@ Version 2.21 * CVE-2012-3406 printf-style functions could run into a stack overflow when processing format strings with a large number of format specifiers. -* The nss_dns implementation of getnetbyname could run into an infinite loop - if the DNS response contained a PTR record of an unexpected format. +* CVE-2014-9402 The nss_dns implementation of getnetbyname could run into an + infinite loop if the DNS response contained a PTR record of an unexpected + format. * The minimum GCC version that can be used to build this version of the GNU C Library is GCC 4.6. Older GCC versions, and non-GNU compilers, can