[v2,2/2] Add NEWS entry for CVE-2020-6096 (bug 25620)
Commit Message
---
NEWS | 5 +++++
1 file changed, 5 insertions(+)
Comments
OK for 2.32
Reviewed-by: Carlos O'Donell <carlos@redhat.com
On 7/13/20 5:23 PM, Aurelien Jarno wrote:
> ---
> NEWS | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/NEWS b/NEWS
> index 81b014a7ee4..5051e804eaf 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -174,6 +174,11 @@ Security related changes:
> CVE-2020-1752: A use-after-free vulnerability in the glob function when
> expanding ~user has been fixed.
>
> + CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and
> + memmove functions has been fixed. Discovered by Jason Royes and Samual
> + Dytrych of the Cisco Security Assessment and Penetration Team (See
> + TALOS-2020-1019).
> +
> The following bugs are resolved with this release:
>
> [The release manager will add the list generated by
>
@@ -174,6 +174,11 @@ Security related changes:
CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.
+ CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and
+ memmove functions has been fixed. Discovered by Jason Royes and Samual
+ Dytrych of the Cisco Security Assessment and Penetration Team (See
+ TALOS-2020-1019).
+
The following bugs are resolved with this release:
[The release manager will add the list generated by