diff options
| -rw-r--r-- | NEWS | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/NEWS b/NEWS index d2c2a0ec67..b743fba3c7 100644 --- a/NEWS +++ b/NEWS @@ -32,6 +32,12 @@ CVE-2020-27618: An infinite loop has been fixed in the iconv program when CVE-2020-29562: An assertion failure has been fixed in the iconv function when invoked with UCS4 input containing an invalid character. + CVE-2021-3326: An assertion failure during conversion from the + qISO-20220-JP-3 character set using the iconv function has been fixed. + This assertion was triggered by certain valid inputs in which the + converted output contains a combined sequence of two wide characters + crossing a buffer boundary. Reported by Tavis Ormandy. + The following bugs are resolved with this release: [20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT |