Message ID | 20200730115152.3545521-1-aurelien@aurel32.net |
---|---|
State | New |
Headers | show |
Series | [v2] Add NEWS entry for CVE-2016-10228 (bug 19519) | expand |
On 7/30/20 7:51 AM, Aurelien Jarno wrote: > --- > NEWS | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/NEWS b/NEWS > index 1ef4a0a7a47..0ce408528f2 100644 > --- a/NEWS > +++ b/NEWS > @@ -154,6 +154,10 @@ Changes to build and runtime requirements: > > Security related changes: > > + CVE-2016-10228: An infinite loop has been fixed in the iconv program when > + invoked with the -c option and when processing invalid multi-byte input > + sequences. Reported by Jan Engelhardt. > + > CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack > corruption when they were passed a pseudo-zero argument. Reported by Guido > Vranken / ForAllSecure Mayhem. > OK for 2.32. Please push ASAP. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
On 2020-08-03 14:54, Carlos O'Donell wrote: > On 7/30/20 7:51 AM, Aurelien Jarno wrote: > > --- > > NEWS | 4 ++++ > > 1 file changed, 4 insertions(+) > > > > diff --git a/NEWS b/NEWS > > index 1ef4a0a7a47..0ce408528f2 100644 > > --- a/NEWS > > +++ b/NEWS > > @@ -154,6 +154,10 @@ Changes to build and runtime requirements: > > > > Security related changes: > > > > + CVE-2016-10228: An infinite loop has been fixed in the iconv program when > > + invoked with the -c option and when processing invalid multi-byte input > > + sequences. Reported by Jan Engelhardt. > > + > > CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack > > corruption when they were passed a pseudo-zero argument. Reported by Guido > > Vranken / ForAllSecure Mayhem. > > > > OK for 2.32. Please push ASAP. > > Reviewed-by: Carlos O'Donell <carlos@redhat.com> Thanks for the review, I have just push the changes. Aurelien
diff --git a/NEWS b/NEWS index 1ef4a0a7a47..0ce408528f2 100644 --- a/NEWS +++ b/NEWS @@ -154,6 +154,10 @@ Changes to build and runtime requirements: Security related changes: + CVE-2016-10228: An infinite loop has been fixed in the iconv program when + invoked with the -c option and when processing invalid multi-byte input + sequences. Reported by Jan Engelhardt. + CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack corruption when they were passed a pseudo-zero argument. Reported by Guido Vranken / ForAllSecure Mayhem.