| Message ID | 407b005f-a9cc-3dd9-378c-2a5936eba57a@redhat.com |
|---|---|
| State | New |
| Headers | show |
diff --git a/NEWS b/NEWS index fe9ff1c..aaed9e0 100644 --- a/NEWS +++ b/NEWS @@ -34,7 +34,11 @@ Version 2.25 Security related changes: - [Add security related changes here] + On ARM EABI (32-bit), generating a backtrace for execution contexts which + have been created with makecontext could fail to terminate due to a + missing .cantunwind annotation. This has been observed to lead to a hang + (denial of service) in some Go applications compiled with gccgo. Reported + by Andreas Schwab. (CVE-2016-6323) The following bugs are resolved with this release: