From patchwork Thu Jul 30 08:08:30 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aurelien Jarno X-Patchwork-Id: 40192 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id D6BD53857C61; Thu, 30 Jul 2020 08:08:43 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from hall.aurel32.net (hall.aurel32.net [IPv6:2001:bc8:30d7:100::1]) by sourceware.org (Postfix) with ESMTPS id 9773C3857C41 for ; Thu, 30 Jul 2020 08:08:41 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 9773C3857C41 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=aurel32.net Authentication-Results: sourceware.org; spf=none smtp.mailfrom=aurelien@aurel32.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=aurel32.net ; s=202004.hall; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date: Subject:Cc:To:From:Content-Type:From:Reply-To:Subject:Content-ID: Content-Description:In-Reply-To:References:X-Debbugs-Cc; bh=pUy/jL9RSHzdQBZd+lDgfm5Xhb+lhgZ27gJmgbJqwvY=; b=uQEa8BRga0Px93JCFGe/HiYZsQ +oFUI4zWYCa4Pfb9NP11CZwa+swRUfaVH0eVNX4iAQkeSwziP1EWWfK0PJKdrU7lDfjN7Oc/xEdgP rrNaWe1zAr6RruGsIRE+pxa5FP6IxlRemBxzEP4B3WW3Cw3KXxKJ/fxssTyz5gbrMS4mtLb+9cWwi eqZ0TCE+7mSIOUQU7uZEc7APizjM8Jx97KRLWxf5J+LRPDHt9L9iY9bviFUb3bdxX0wHpwupDN27d tFTUIe00bDRUuq4sATu++oMuL3LLbjfoAMelIGX++bRSrqhukRYQh3JXI4yJTi68pgzKCLMbpfH/h 3GNMkGpg==; Received: from ohm.aurel32.net ([2001:bc8:30d7:111::1000]) by hall.aurel32.net with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1k13cG-0006W6-Ht; Thu, 30 Jul 2020 10:08:40 +0200 Received: from aurel32 by ohm.aurel32.net with local (Exim 4.94) (envelope-from ) id 1k13cE-0083fZ-47; Thu, 30 Jul 2020 10:08:38 +0200 From: Aurelien Jarno To: libc-alpha@sourceware.org Subject: [PATCH] Add NEWS entry for CVE-2016-10228 (bug 19519) Date: Thu, 30 Jul 2020 10:08:30 +0200 Message-Id: <20200730080830.1920521-1-aurelien@aurel32.net> X-Mailer: git-send-email 2.27.0 MIME-Version: 1.0 X-Spam-Status: No, score=-10.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, SPF_HELO_PASS, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Aurelien Jarno Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" --- NEWS | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/NEWS b/NEWS index 1ef4a0a7a47..1625e55cccb 100644 --- a/NEWS +++ b/NEWS @@ -154,6 +154,10 @@ Changes to build and runtime requirements: Security related changes: + CVE-2016-10228: An infinite loop has been fixed in the iconv program when + invoked with the -c option and when processing invalid multi-byte input + sequences. + CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack corruption when they were passed a pseudo-zero argument. Reported by Guido Vranken / ForAllSecure Mayhem.