Add NEWS entry for CVE-2020-29562 (BZ #26923)

BZ #26923 now has a CVE entry, so add a NEWS entry for it. (cherry picked from commit 38a9e93cb1c58e3c899d638480e6d6e42af8e6fc)
author: Siddhesh Poyarekar <siddhesh@sourceware.org> 2020-12-07 22:29:18 +0530
committer: Dmitry V. Levin <ldv@altlinux.org> 2021-01-03 12:21:12 +0000
commit: 3668134a9ef34b1a96f6b56666ae04886a99d33f (patch)
tree: 8d7acbfa82f28e2003d99aa5076fbcbc3c388222
parent: 5fa7884e25c5d11718253244fd1bc570c60f4cc8 (diff)
download: glibc-3668134a9ef34b1a96f6b56666ae04886a99d33f.tar.gz
glibc-3668134a9ef34b1a96f6b56666ae04886a99d33f.tar.xz
glibc-3668134a9ef34b1a96f6b56666ae04886a99d33f.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 4482f95b94..f591f150d3 100644
--- a/NEWS
+++ b/NEWS
@@ -96,6 +96,9 @@ Security related changes:
   invoked with input containing redundant shift sequences in the IBM1364,
   IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
 
+  CVE-2020-29562: An assertion failure has been fixed in the iconv function
+  when invoked with UCS4 input containing an invalid character.
+
 The following bugs are resolved with this release:
 
   [6889] 'PWD' mentioned but not specified
author	Siddhesh Poyarekar <siddhesh@sourceware.org>	2020-12-07 22:29:18 +0530
committer	Dmitry V. Levin <ldv@altlinux.org>	2021-01-03 12:21:12 +0000
commit	3668134a9ef34b1a96f6b56666ae04886a99d33f (patch)
tree	8d7acbfa82f28e2003d99aa5076fbcbc3c388222
parent	5fa7884e25c5d11718253244fd1bc570c60f4cc8 (diff)
download	glibc-3668134a9ef34b1a96f6b56666ae04886a99d33f.tar.gz glibc-3668134a9ef34b1a96f6b56666ae04886a99d33f.tar.xz glibc-3668134a9ef34b1a96f6b56666ae04886a99d33f.zip