From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1804) id 63BF0382F992; Fri, 7 Oct 2022 08:20:07 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 63BF0382F992 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1665130807; bh=dukjS+/acPwvL0f5exhBlKF0y4NpshS0fIGr2wgyr2E=; h=From:To:Subject:Date:From; b=KMr5lPqb3EX39O7Xx4DKAlGoGB7z0yHC+YcMNeatku6iItCwnQRitV/dPMTyZuZDU Fy1aITaYwbisQ1YXj42IWgchgP3NtzKWRFdLk5fYNYERtfEnQ4pz+ViTLGZKM7ZNiZ n8os4lYT11K+jzuXmIX/2Noq9aZQzsIgIF287EnA= Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Dmitry Levin To: glibc-cvs@sourceware.org Subject: [glibc/release/2.32/master] NEWS: Mention CVE-2019-25013 X-Act-Checkin: glibc X-Git-Author: Siddhesh Poyarekar X-Git-Refname: refs/heads/release/2.32/master X-Git-Oldrev: 32022774db16ae5e41a940e559f11eb74bb011bf X-Git-Newrev: b2229db87d686c37839176bddcfbfe98a7376fd7 Message-Id: <20221007082007.63BF0382F992@sourceware.org> Date: Fri, 7 Oct 2022 08:20:07 +0000 (GMT) List-Id: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b2229db87d686c37839176bddcfbfe98a7376fd7 commit b2229db87d686c37839176bddcfbfe98a7376fd7 Author: Siddhesh Poyarekar Date: Fri Jan 8 09:17:06 2021 +0530 NEWS: Mention CVE-2019-25013 (cherry picked from commit 18b640c57094236e6c991ba16f87467085a1d55a) Diff: --- NEWS | 3 +++ 1 file changed, 3 insertions(+) diff --git a/NEWS b/NEWS index cf8c54f681..e92ecf66c8 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,9 @@ Version 2.32.1 Security related changes: + CVE-2019-25013: A buffer overflow has been fixed in the iconv function when + invoked with EUC-KR input containing invalid multibyte input sequences. + CVE-2020-27618: An infinite loop has been fixed in the iconv program when invoked with input containing redundant shift sequences in the IBM1364, IBM1371, IBM1388, IBM1390, or IBM1399 character sets.