diff options
| author |   Aurelien Jarno <aurelien@aurel32.net> | 2020-07-12 21:58:43 +0200 |
|---|---|---|
| committer |   Andreas K. Hüttel <dilfridge@gentoo.org> | 2020-07-18 17:28:01 +0300 |
| commit | b8fab3f3f942d1de3bb8dae93cf8b5e379f5f1c8 (patch) | |
| tree | 86a97e60b0b051188e9785544ac079dc12d1c6d9 | |
| parent | arm: CVE-2020-6096: Fix multiarch memcpy for negative length [BZ #25620] (diff) | |
| download | glibc-b8fab3f3f942d1de3bb8dae93cf8b5e379f5f1c8.tar.gz glibc-b8fab3f3f942d1de3bb8dae93cf8b5e379f5f1c8.tar.bz2 glibc-b8fab3f3f942d1de3bb8dae93cf8b5e379f5f1c8.zip | |
Add NEWS entry for CVE-2020-6096 (bug 25620)gentoo/glibc-2.31-8
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 17400c4bcd57d84add1da3aa93248ef2efdb0ccb)
(cherry picked from commit 6f3459f9859a7b506c64fa1823769ab631072c6e)
| -rw-r--r-- | NEWS | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -37,6 +37,11 @@ Security related changes: CVE-2020-1752: A use-after-free vulnerability in the glob function when expanding ~user has been fixed. + CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and + memmove functions has been fixed. Discovered by Jason Royes and Samual + Dytrych of the Cisco Security Assessment and Penetration Team (See + TALOS-2020-1019). + Version 2.31 |