Add CVE-2013-4332 to NEWS.

author Will Newton <will.newton@linaro.org>

Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)

committer Will Newton <will.newton@linaro.org>

Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)
author Will Newton <will.newton@linaro.org>
Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)
committer Will Newton <will.newton@linaro.org>
Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)
diff --git a/NEWS b/NEWS

index b1d4d3d..af58b75 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,11 @@ Version 2.19
    to the d_name member of struct dirent, or omit the terminating NUL
    character.  (Bugzilla #14699).
  
+* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and
+  aligned_alloc functions could allocate too few bytes or corrupt the
+  heap when passed very large allocation size values (Bugzilla #15855,
+  #15856, #15857).
+
  * New locales: quz_PE.
  
  * Add country_car field to LC_ADDRESS, many locales.
author	Will Newton <will.newton@linaro.org>
	Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)
committer	Will Newton <will.newton@linaro.org>
	Fri, 13 Sep 2013 08:26:02 +0000 (09:26 +0100)