* [2.31 COMMITTED] Add NEWS entry for CVE-2020-6096 (bug 25620)
@ 2020-07-16 17:24 Aurelien Jarno
0 siblings, 0 replies; only message in thread
From: Aurelien Jarno @ 2020-07-16 17:24 UTC (permalink / raw)
To: libc-stable; +Cc: Aurelien Jarno, Carlos O'Donell
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 17400c4bcd57d84add1da3aa93248ef2efdb0ccb)
---
NEWS | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/NEWS b/NEWS
index 0e2dc39523b..daf4b727cd7 100644
--- a/NEWS
+++ b/NEWS
@@ -37,6 +37,11 @@ Security related changes:
CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.
+ CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and
+ memmove functions has been fixed. Discovered by Jason Royes and Samual
+ Dytrych of the Cisco Security Assessment and Penetration Team (See
+ TALOS-2020-1019).
+
\f
Version 2.31
--
2.27.0
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2020-07-16 17:24 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-16 17:24 [2.31 COMMITTED] Add NEWS entry for CVE-2020-6096 (bug 25620) Aurelien Jarno
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).