about summary refs log tree commit diff
diff options
context:
space:
mode:
authorSiddhesh Poyarekar <siddhesh@sourceware.org>2021-01-08 09:17:06 +0530
committerDmitry V. Levin <ldv@altlinux.org>2022-10-04 08:00:00 +0000
commitb2229db87d686c37839176bddcfbfe98a7376fd7 (patch)
treef57611d21b25f03d57058eed8c001bc45f19bd13
parent32022774db16ae5e41a940e559f11eb74bb011bf (diff)
downloadglibc-b2229db87d686c37839176bddcfbfe98a7376fd7.tar.gz
glibc-b2229db87d686c37839176bddcfbfe98a7376fd7.tar.xz
glibc-b2229db87d686c37839176bddcfbfe98a7376fd7.zip
NEWS: Mention CVE-2019-25013
(cherry picked from commit 18b640c57094236e6c991ba16f87467085a1d55a)
Diffstat
-rw-r--r--NEWS3
1 files changed, 3 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index cf8c54f681..e92ecf66c8 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,9 @@ Version 2.32.1
 
 Security related changes:
 
+  CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
+  invoked with EUC-KR input containing invalid multibyte input sequences.
+
   CVE-2020-27618: An infinite loop has been fixed in the iconv program when
   invoked with input containing redundant shift sequences in the IBM1364,
   IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-20 07:14:57 +0000