Add NEWS entry for CVE-2016-10228 (bug 19519)

author: Aurelien Jarno <aurelien@aurel32.net> 2020-07-30 10:07:33 +0200
committer: Aurelien Jarno <aurelien@aurel32.net> 2020-08-03 23:24:38 +0200
commit: 17a0126abf02955cabf6256c67f8f9462a64163f (patch)
tree: b5545037efedcb2ce90c887e4e889a4fa9a88613 /NEWS
parent: 7650321ce037302bfc2f026aa19e0213b8d02fe6 (diff)
download: glibc-17a0126abf02955cabf6256c67f8f9462a64163f.tar.gz
glibc-17a0126abf02955cabf6256c67f8f9462a64163f.tar.xz
glibc-17a0126abf02955cabf6256c67f8f9462a64163f.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 85f91b3ecb..7454a4bfa0 100644
--- a/NEWS
+++ b/NEWS
@@ -167,6 +167,10 @@ Changes to build and runtime requirements:
 
 Security related changes:
 
+  CVE-2016-10228: An infinite loop has been fixed in the iconv program when
+  invoked with the -c option and when processing invalid multi-byte input
+  sequences.  Reported by Jan Engelhardt.
+
   CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
   corruption when they were passed a pseudo-zero argument.  Reported by Guido
   Vranken / ForAllSecure Mayhem.
author	Aurelien Jarno <aurelien@aurel32.net>	2020-07-30 10:07:33 +0200
committer	Aurelien Jarno <aurelien@aurel32.net>	2020-08-03 23:24:38 +0200
commit	17a0126abf02955cabf6256c67f8f9462a64163f (patch)
tree	b5545037efedcb2ce90c887e4e889a4fa9a88613 /NEWS
parent	7650321ce037302bfc2f026aa19e0213b8d02fe6 (diff)
download	glibc-17a0126abf02955cabf6256c67f8f9462a64163f.tar.gz glibc-17a0126abf02955cabf6256c67f8f9462a64163f.tar.xz glibc-17a0126abf02955cabf6256c67f8f9462a64163f.zip