From 46960cebc16c926ab025bbbc62a682dd826ad404 Mon Sep 17 00:00:00 2001
From: Miklos Szeredi <miklos@szeredi.hu>
Date: Thu, 2 Jun 2005 09:05:00 +0000
Subject: security fix

---
 ChangeLog | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index fe88ba4..698b3c5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2005-06-02  Miklos Szeredi <miklos@szeredi.hu>
+
+	* Fix serious information leak: if the filesystem returns a short
+	byte count to a read request, and there are non-zero number of
+	pages which are not filled at all, these pages will not be zeroed.
+	Hence the user can read out previous memory contents.  Found by
+	Sven Tantau.
+
 2005-05-27  Miklos Szeredi <miklos@szeredi.hu>
 
 	* Add "readdir_ino" mount option, which tries to fill in the d_ino
-- 
cgit v1.2.3