Update NEWS for CVE-2019-25013.

author: Siddhesh Poyarekar <siddhesh@sourceware.org> 2021-01-08 09:17:06 +0530
committer: Siddhesh Poyarekar <siddhesh@sourceware.org> 2021-01-08 09:20:29 +0530
commit: 18b640c57094236e6c991ba16f87467085a1d55a (patch)
tree: 0a7ceafafcb4ab2615f01bcf42afd86dfad58911 /NEWS
parent: ecce11aa0752735c4fd730da6e7c9e0b98e12fb8 (diff)
download: glibc-18b640c57094236e6c991ba16f87467085a1d55a.tar.gz
glibc-18b640c57094236e6c991ba16f87467085a1d55a.tar.xz
glibc-18b640c57094236e6c991ba16f87467085a1d55a.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 8f40026458..face78cd10 100644
--- a/NEWS
+++ b/NEWS
@@ -84,6 +84,9 @@ Security related changes:
   CVE-2020-29562: An assertion failure has been fixed in the iconv function
   when invoked with UCS4 input containing an invalid character.
 
+  CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
+  invoked with EUC-KR input containing invalid multibyte input sequences.
+
 The following bugs are resolved with this release:
 
   [The release manager will add the list generated by
author	Siddhesh Poyarekar <siddhesh@sourceware.org>	2021-01-08 09:17:06 +0530
committer	Siddhesh Poyarekar <siddhesh@sourceware.org>	2021-01-08 09:20:29 +0530
commit	18b640c57094236e6c991ba16f87467085a1d55a (patch)
tree	0a7ceafafcb4ab2615f01bcf42afd86dfad58911 /NEWS
parent	ecce11aa0752735c4fd730da6e7c9e0b98e12fb8 (diff)
download	glibc-18b640c57094236e6c991ba16f87467085a1d55a.tar.gz glibc-18b640c57094236e6c991ba16f87467085a1d55a.tar.xz glibc-18b640c57094236e6c991ba16f87467085a1d55a.zip