about summary refs log tree commit diff
diff options
context:
space:
mode:
authorAurelien Jarno <aurelien@aurel32.net>2020-07-30 10:07:33 +0200
committerAurelien Jarno <aurelien@aurel32.net>2020-08-03 23:24:38 +0200
commit17a0126abf02955cabf6256c67f8f9462a64163f (patch)
treeb5545037efedcb2ce90c887e4e889a4fa9a88613
parent7650321ce037302bfc2f026aa19e0213b8d02fe6 (diff)
downloadglibc-17a0126abf02955cabf6256c67f8f9462a64163f.tar.gz
glibc-17a0126abf02955cabf6256c67f8f9462a64163f.tar.xz
glibc-17a0126abf02955cabf6256c67f8f9462a64163f.zip
Add NEWS entry for CVE-2016-10228 (bug 19519)
-rw-r--r--NEWS4
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 85f91b3ecb..7454a4bfa0 100644
--- a/NEWS
+++ b/NEWS
@@ -167,6 +167,10 @@ Changes to build and runtime requirements:
 
 Security related changes:
 
+  CVE-2016-10228: An infinite loop has been fixed in the iconv program when
+  invoked with the -c option and when processing invalid multi-byte input
+  sequences.  Reported by Jan Engelhardt.
+
   CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
   corruption when they were passed a pseudo-zero argument.  Reported by Guido
   Vranken / ForAllSecure Mayhem.