public inbox for glibc-cvs@sourceware.org
help / color / mirror / Atom feed
* [glibc/release/2.32/master] NEWS: Mention CVE-2020-29562 (BZ #26923)
@ 2022-10-07 8:20 Dmitry Levin
0 siblings, 0 replies; only message in thread
From: Dmitry Levin @ 2022-10-07 8:20 UTC (permalink / raw)
To: glibc-cvs
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6fd634e9b922a4a1293f0cf5a8f6c908f68c5401
commit 6fd634e9b922a4a1293f0cf5a8f6c908f68c5401
Author: Siddhesh Poyarekar <siddhesh@sourceware.org>
Date: Mon Dec 7 22:29:18 2020 +0530
NEWS: Mention CVE-2020-29562 (BZ #26923)
BZ #26923 now has a CVE entry, so add a NEWS entry for it.
(cherry picked from commit 38a9e93cb1c58e3c899d638480e6d6e42af8e6fc)
Diff:
---
NEWS | 3 +++
1 file changed, 3 insertions(+)
diff --git a/NEWS b/NEWS
index 3e28b3902e..f087aff61e 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,9 @@ Security related changes:
CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
invoked with EUC-KR input containing invalid multibyte input sequences.
+ CVE-2020-29562: An assertion failure has been fixed in the iconv function
+ when invoked with UCS4 input containing an invalid character.
+
CVE-2020-27618: An infinite loop has been fixed in the iconv program when
invoked with input containing redundant shift sequences in the IBM1364,
IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-10-07 8:20 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-10-07 8:20 [glibc/release/2.32/master] NEWS: Mention CVE-2020-29562 (BZ #26923) Dmitry Levin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).