Add NEWS entry for CVE-2020-1752 (bug 25414)

Message ID
State Superseded
Series Add NEWS entry for CVE-2020-1752 (bug 25414) |

Commit Message

Aurelien Jarno March 13, 2020, 9:30 p.m. UTC
 NEWS | 3 +++
 1 file changed, 3 insertions(+)

Bug 25414 got attributed a CVE entry. Here is a patch to add an entry


diff --git a/NEWS b/NEWS
index e0379fc53c1..68a408a3bc6 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,9 @@  Security related changes:
   corruption when they were passed a pseudo-zero argument.  Reported by Guido
   Vranken / ForAllSecure Mayhem.
+  CVE-2020-1752: A use-after-free vulnerability in the glob function when
+  expanding ~user has been fixed.
 The following bugs are resolved with this release:
   [The release manager will add the list generated by