From 17a0126abf02955cabf6256c67f8f9462a64163f Mon Sep 17 00:00:00 2001 From: Aurelien Jarno Date: Thu, 30 Jul 2020 10:07:33 +0200 Subject: [PATCH] Add NEWS entry for CVE-2016-10228 (bug 19519) --- NEWS | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/NEWS b/NEWS index 85f91b3ecb..7454a4bfa0 100644 --- a/NEWS +++ b/NEWS @@ -167,6 +167,10 @@ Changes to build and runtime requirements: Security related changes: + CVE-2016-10228: An infinite loop has been fixed in the iconv program when + invoked with the -c option and when processing invalid multi-byte input + sequences. Reported by Jan Engelhardt. + CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack corruption when they were passed a pseudo-zero argument. Reported by Guido Vranken / ForAllSecure Mayhem. -- 2.43.5