NEWS: add fixed security advisories list

author Andreas K. Hüttel <dilfridge@gentoo.org>

Sat, 20 Jul 2024 16:55:07 +0000 (18:55 +0200)

committer Andreas K. Hüttel <dilfridge@gentoo.org>

Sat, 20 Jul 2024 16:55:07 +0000 (18:55 +0200)
author Andreas K. Hüttel <dilfridge@gentoo.org>
Sat, 20 Jul 2024 16:55:07 +0000 (18:55 +0200)
committer Andreas K. Hüttel <dilfridge@gentoo.org>
Sat, 20 Jul 2024 16:55:07 +0000 (18:55 +0200)
diff --git a/NEWS b/NEWS

index a014472772f9762fae585a442df5f308ced90db0..ae06f176617fd5aab8702e9e356e371bbbb587ff 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -71,8 +71,23 @@ Security related changes:
  The following CVEs were fixed in this release, details of which can be
  found in the advisories directory of the release tarball:
  
-  [The release manager will add the list generated by
-  scripts/process-advisories.sh just before the release.]
+  GLIBC-SA-2024-0004:
+    ISO-2022-CN-EXT: fix out-of-bound writes when writing escape
+    sequence (CVE-2024-2961)
+
+  GLIBC-SA-2024-0005:
+    nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599)
+
+  GLIBC-SA-2024-0006:
+    nscd: Null pointer crash after notfound response (CVE-2024-33600)
+
+  GLIBC-SA-2024-0007:
+    nscd: netgroup cache may terminate daemon on memory allocation
+    failure (CVE-2024-33601)
+
+  GLIBC-SA-2024-0008:
+    nscd: netgroup cache assumes NSS callback uses in-buffer strings
+    (CVE-2024-33602)
  
  The following bugs are resolved with this release:
author	Andreas K. Hüttel <dilfridge@gentoo.org>
	Sat, 20 Jul 2024 16:55:07 +0000 (18:55 +0200)
committer	Andreas K. Hüttel <dilfridge@gentoo.org>
	Sat, 20 Jul 2024 16:55:07 +0000 (18:55 +0200)