~ chicken-core (chicken-5) 5dd88c98a04b242680da1556543edef55bd9c5a0


commit 5dd88c98a04b242680da1556543edef55bd9c5a0
Author:     Peter Bex <peter.bex@xs4all.nl>
AuthorDate: Fri Feb 8 14:19:00 2013 +0100
Commit:     Peter Bex <peter.bex@xs4all.nl>
CommitDate: Fri Feb 8 14:19:00 2013 +0100

    Add CVE identifiers to the security issues in the NEWS file

diff --git a/NEWS b/NEWS
index ad77c580..3397b2e3 100644
--- a/NEWS
+++ b/NEWS
@@ -8,8 +8,8 @@
 4.8.1
 
 - Security fixes
-  - Use POSIX poll() on systems where available.  This avoids a design flaw
-    in select(); it supports no more than FD_SETSIZE descriptors.
+  - CVE-2012-6122: Use POSIX poll() on systems where available.  This avoids a
+    design flaw in select(); it supports no more than FD_SETSIZE descriptors.
 
 - Core libraries
   - Fixed EINTR handling in process-wait and when reading from file ports.
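Review bot: The CVE-2012-6122 entry says poll() is used "on systems where available", which implies that builds on systems without poll() still go through select() and keep the FD_SETSIZE limit, yet the entry now reads as if the CVE is closed everywhere. Suggest saying so explicitly in the entry, and adding a short clause on what happens when more than FD_SETSIZE descriptors are in use, so a reader searching NEWS for the CVE can judge their exposure from this text alone.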
@@ -99,15 +99,16 @@
 4.8.0
 
 - Security fixes
-  - improved hash table collision resistance and added randomization
-    to prevent malicious external causes of collisions.  All SRFI-69
-    procedures accept extra arguments to control randomization for
-    testing/debugging.
-  - on 64-bit machines the "random" procedure no longer truncates result
-    values (which caused very nonrandom results for very large values).
-    Note that random shouldn't be used for security-critical code.
-  - Added checks for embedded '\0' characters in strings passed to some
-    C functions on a lower level than Chicken's FFI.
+  - CVE-2012-6125: Improved hash table collision resistance and added
+    randomization to prevent malicious external causes of collisions.
+    All SRFI-69 procedures accept extra arguments to control randomization
+    for testing/debugging.
+  - CVE-2012-6124: On 64-bit machines the "random" procedure no longer
+    truncates result values (which caused very nonrandom results for very
+    large values). Note that random shouldn't be used for
+    security-critical code.
+  - CVE-2012-6123: Added checks for embedded '\0' characters in strings
+    passed to some C functions on a lower level than Chicken's FFI.
 
 - Build system
   - version information has been moved into a separate unit to make the
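Review bot: In the CVE-2012-6124 entry, "large values). Note that" has one space after the period, while the CVE-2012-6122 entry in this same patch uses two ("available.  This avoids"); pick one convention for the file. This hunk also capitalizes and rewraps all three entries in addition to prefixing the identifiers, which the commit message does not mention and which makes it harder to confirm that no wording changed; consider keeping the reflow to a separate commit or noting it in the message. The CVE-2012-6123 entry still says only "some C functions", so a reader cannot tell from the advisory text which procedures were affected; naming them or pointing to the advisory would help.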