Add NEWS entry for CVE-2020-29562 (BZ #26923)

author Siddhesh Poyarekar <siddhesh@sourceware.org>

Mon, 7 Dec 2020 16:59:18 +0000 (22:29 +0530)

committer Raphael Moreira Zinsly <rzinsly@linux.ibm.com>

Thu, 18 Mar 2021 21:04:13 +0000 (18:04 -0300)
author Siddhesh Poyarekar <siddhesh@sourceware.org>
Mon, 7 Dec 2020 16:59:18 +0000 (22:29 +0530)
committer Raphael Moreira Zinsly <rzinsly@linux.ibm.com>
Thu, 18 Mar 2021 21:04:13 +0000 (18:04 -0300)
diff --git a/NEWS b/NEWS

index 1ad5c89d6b7305b3e62f9e25230da6b42b32460c..ecf91b04ab1fd228288487146a378df5cefccae3 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -29,6 +29,9 @@ CVE-2020-27618: An infinite loop has been fixed in the iconv program when
    invoked with input containing redundant shift sequences in the IBM1364,
    IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
  
+CVE-2020-29562: An assertion failure has been fixed in the iconv function
+  when invoked with UCS4 input containing an invalid character.
+
  The following bugs are resolved with this release:
  
    [20543] Please move from .gnu.linkonce to comdat
author	Siddhesh Poyarekar <siddhesh@sourceware.org>
	Mon, 7 Dec 2020 16:59:18 +0000 (22:29 +0530)
committer	Raphael Moreira Zinsly <rzinsly@linux.ibm.com>
	Thu, 18 Mar 2021 21:04:13 +0000 (18:04 -0300)