diff options
| author | Siddhesh Poyarekar <siddhesh@sourceware.org> | 2020-12-07 22:29:18 +0530 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@altlinux.org> | 2022-10-04 08:00:00 +0000 |
| commit | 6fd634e9b922a4a1293f0cf5a8f6c908f68c5401 (patch) | |
| tree | a89b15cc3220e8e549a7f82acf47e7f4d86062f8 | |
| parent | 1896ace5805f7322daeb367f57004c8ea15a1d70 (diff) | |
| download | glibc-6fd634e9b922a4a1293f0cf5a8f6c908f68c5401.tar.gz glibc-6fd634e9b922a4a1293f0cf5a8f6c908f68c5401.tar.xz glibc-6fd634e9b922a4a1293f0cf5a8f6c908f68c5401.zip | |
NEWS: Mention CVE-2020-29562 (BZ #26923)
BZ #26923 now has a CVE entry, so add a NEWS entry for it. (cherry picked from commit 38a9e93cb1c58e3c899d638480e6d6e42af8e6fc)
| -rw-r--r-- | NEWS | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/NEWS b/NEWS index 3e28b3902e..f087aff61e 100644 --- a/NEWS +++ b/NEWS @@ -12,6 +12,9 @@ Security related changes: CVE-2019-25013: A buffer overflow has been fixed in the iconv function when invoked with EUC-KR input containing invalid multibyte input sequences. + CVE-2020-29562: An assertion failure has been fixed in the iconv function + when invoked with UCS4 input containing an invalid character. + CVE-2020-27618: An infinite loop has been fixed in the iconv program when invoked with input containing redundant shift sequences in the IBM1364, IBM1371, IBM1388, IBM1390, or IBM1399 character sets. |