From: Vincent Bernat <vincent@bernat.ch>
Date: Wed, 13 Jan 2021 17:42:19 +0000 (+0100)
Subject: doc: add NEWS entry about CVE-2020-27827
X-Git-Tag: 1.0.8~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=40e6e62217bbf4d74ddf43bf0bbf12da4a9fd293;p=thirdparty%2Flldpd.git

doc: add NEWS entry about CVE-2020-27827
---

diff --git a/NEWS b/NEWS
index d6c33575..18b059ff 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,8 @@ lldpd (1.0.8)
   * Fix:
     + Out-of-bound read access when parsing LLDP-MED civic address in
       liblldpctl for malformed fields.
+    + Fix memory leak when receiving LLDPU with duplicate fields.
+      CVE-2020-27827.
   * Changes:
     + Enable "router" capability bit when IPv6 routing is enabled.