From patchwork Thu Jan 4 12:40:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 25208 Received: (qmail 97447 invoked by alias); 4 Jan 2018 12:40:14 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 97435 invoked by uid 89); 4 Jan 2018 12:40:14 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-26.9 required=5.0 tests=BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, SPF_HELO_PASS, T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 spammy= X-HELO: mx1.redhat.com To: GNU C Library From: Florian Weimer Subject: [PATCH COMMITTED] Mention CVE-2017-16997 in ChangeLog Message-ID: Date: Thu, 4 Jan 2018 13:40:10 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 commit 31f96325ca03429053199403651bb1b1b4db1dfb Author: Florian Weimer Date: Thu Jan 4 13:39:21 2018 +0100 Mention CVE-2017-16997 in ChangeLog diff --git a/ChangeLog b/ChangeLog index 40e4d1b4eb..878a738a32 100644 --- a/ChangeLog +++ b/ChangeLog @@ -109,6 +109,7 @@ Dmitry V. Levin [BZ #22625] + CVE-2017-16997 * elf/dl-load.c (fillin_rpath): Check for empty tokens before dynamic string token expansion. Check for NULL pointer or empty string possibly returned by expand_dynamic_string_token.