From 40e6e62217bbf4d74ddf43bf0bbf12da4a9fd293 Mon Sep 17 00:00:00 2001
From: Vincent Bernat <vincent@bernat.ch>
Date: Wed, 13 Jan 2021 18:42:19 +0100
Subject: [PATCH] doc: add NEWS entry about CVE-2020-27827

---
 NEWS | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/NEWS b/NEWS
index d6c33575..18b059ff 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,8 @@ lldpd (1.0.8)
   * Fix:
     + Out-of-bound read access when parsing LLDP-MED civic address in
       liblldpctl for malformed fields.
+    + Fix memory leak when receiving LLDPU with duplicate fields.
+      CVE-2020-27827.
   * Changes:
     + Enable "router" capability bit when IPv6 routing is enabled.
 
-- 
2.39.5