]> git.ipfire.org Git - thirdparty/glibc.git/blobdiff - NEWS
projects / thirdparty / glibc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add NEWS entry for CVE-2020-6096 (bug 25620)
[thirdparty/glibc.git] / NEWS
diff --git a/NEWS b/NEWS
index 81b014a7ee47b42fb3cbbbe8ef9e44ca50905dc8..5051e804eaf2eb629897ee37aadf9e8e8558d582 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -174,6 +174,11 @@ Security related changes:
   CVE-2020-1752: A use-after-free vulnerability in the glob function when
   expanding ~user has been fixed.
 
+  CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and
+  memmove functions has been fixed.  Discovered by Jason Royes and Samual
+  Dytrych of the Cisco Security Assessment and Penetration Team (See
+  TALOS-2020-1019).
+
 The following bugs are resolved with this release:
 
   [The release manager will add the list generated by
A mirror of the official glibc repository