From: Andreas K. Hüttel <dilfridge@gentoo.org>
Date: Sat, 20 Jul 2024 16:55:07 +0000 (+0200)
Subject: NEWS: add fixed security advisories list
X-Git-Tag: glibc-2.40~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=391d9041f01282d243e7d3cbd272dffea5f2313c;p=thirdparty%2Fglibc.git

NEWS: add fixed security advisories list

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
---

diff --git a/NEWS b/NEWS
index a014472772..ae06f17661 100644
--- a/NEWS
+++ b/NEWS
@@ -71,8 +71,23 @@ Security related changes:
 The following CVEs were fixed in this release, details of which can be
 found in the advisories directory of the release tarball:
 
-  [The release manager will add the list generated by
-  scripts/process-advisories.sh just before the release.]
+  GLIBC-SA-2024-0004:
+    ISO-2022-CN-EXT: fix out-of-bound writes when writing escape
+    sequence (CVE-2024-2961)
+
+  GLIBC-SA-2024-0005:
+    nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599)
+
+  GLIBC-SA-2024-0006:
+    nscd: Null pointer crash after notfound response (CVE-2024-33600)
+
+  GLIBC-SA-2024-0007:
+    nscd: netgroup cache may terminate daemon on memory allocation
+    failure (CVE-2024-33601)
+
+  GLIBC-SA-2024-0008:
+    nscd: netgroup cache assumes NSS callback uses in-buffer strings
+    (CVE-2024-33602)
 
 The following bugs are resolved with this release: