lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-10-28 23:34:53 +03:00
Code Activity

Add ChangeLog reference to bug 16750/CVE-2009-5064

Browse Source
This commit is contained in:
Florian Weimer
2017-08-16 16:47:20 +02:00
parent eedca9772e
commit 403143e1df
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@@ -1,5 +1,7 @@
2017-08-16 Andreas Schwab <schwab@suse.de> 2017-08-16 Andreas Schwab <schwab@suse.de>
[BZ #16750]
CVE-2009-5064
* elf/ldd.bash.in: Never run file directly. * elf/ldd.bash.in: Never run file directly.
2017-08-15 H.J. Lu <hongjiu.lu@intel.com> 2017-08-15 H.J. Lu <hongjiu.lu@intel.com>

6
NEWS
View File

@@ -22,7 +22,11 @@ Changes to build and runtime requirements:
Security related changes: Security related changes:
[Add security related changes here] CVE-2009-5064: The ldd script would sometimes run the program under
examination directly, without preventing code execution through the
dynamic linker. (The glibc project disputes that this is a security
vulnerability; only trusted binaries must be examined using the ldd
script.)
The following bugs are resolved with this release: The following bugs are resolved with this release: