about summary refs log tree commit diff
path: root/NEWS
diff options
context:
space:
mode:
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS7
1 files changed, 6 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index ebcefb5a80..4e722f738e 100644
--- a/NEWS
+++ b/NEWS
@@ -10,7 +10,7 @@ Version 2.19.1
 * The following bugs are resolved with this release:
 
   15946, 16545, 16574, 16623, 16695, 16878, 16882, 16885, 16916, 16932,
-  16943, 16958, 17048, 17069, 17137, 17263.
+  16943, 16958, 17048, 17069, 17137, 17263, 17325.
 
 * Reverted change of ABI data structures for s390 and s390x:
   On s390 and s390x the size of struct ucontext and jmp_buf was increased in
@@ -44,6 +44,11 @@ Version 2.19.1
   normal gconv conversion modules are still supported.  Transliteration
   with //TRANSLIT is still possible, and the //IGNORE specifier
   continues to be  supported. (CVE-2014-5119)
+
+* Decoding a crafted input sequence in the character sets IBM933, IBM935,
+  IBM937, IBM939, IBM1364 could result in an out-of-bounds array read,
+  resulting a denial-of-service security vulnerability in applications which
+  use functions related to iconv. (CVE-2014-6040)
 
 Version 2.19
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-03 04:07:57 +0000