From: DJ Delorie <dj@redhat.com>
Date: Wed, 3 Mar 2021 19:52:57 +0000 (-0500)
Subject: NEWS: Add entry for CVE-2021-27645
X-Git-Tag: glibc-2.34~865
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=24eb3be5db5befefe4bcf0f438bf6629a9c3a608;p=thirdparty%2Fglibc.git

NEWS: Add entry for CVE-2021-27645
---

diff --git a/NEWS b/NEWS
index 73a1a0df972..aa0f10a891f 100644
--- a/NEWS
+++ b/NEWS
@@ -31,7 +31,10 @@ Changes to build and runtime requirements:
 
 Security related changes:
 
-  [Add security related changes here]
+  CVE-2021-27645: The nameserver caching daemon (nscd), when processing
+  a request for netgroup lookup, may crash due to a double-free,
+  potentially resulting in degraded service or Denial of Service on the
+  local system.  Reported by Chris Schanzle.
 
 The following bugs are resolved with this release: