aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAurelien Jarno <aurelien@aurel32.net>2020-07-30 10:07:33 +0200
committerAndreas K. Hüttel <dilfridge@gentoo.org>2020-09-04 13:39:02 +0300
commit422800bff3f152765df75d15eed85e18ae47535b (patch)
treea2712588459672aaea3fb041d9ff47b99cd39e8d
parentRewrite iconv option parsing [BZ #19519] (diff)
downloadglibc-422800bff3f152765df75d15eed85e18ae47535b.tar.gz
glibc-422800bff3f152765df75d15eed85e18ae47535b.tar.bz2
glibc-422800bff3f152765df75d15eed85e18ae47535b.zip
Add NEWS entry for CVE-2016-10228 (bug 19519)gentoo/glibc-2.31-9gentoo/2.31
(cherry picked from commit 17a0126abf02955cabf6256c67f8f9462a64163f) (cherry picked from commit 6fdf971c9dbf7dac9bea552113fe4694015bbc4d)
-rw-r--r--NEWS4
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 898501b153..d3ffb82294 100644
--- a/NEWS
+++ b/NEWS
@@ -31,6 +31,10 @@ The following bugs are resolved with this release:
Security related changes:
+ CVE-2016-10228: An infinite loop has been fixed in the iconv program when
+ invoked with the -c option and when processing invalid multi-byte input
+ sequences. Reported by Jan Engelhardt.
+
CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.