Add NEWS entry for CVE-2020-1752 (bug 25414)

author Aurelien Jarno <aurelien@aurel32.net>

Thu, 19 Mar 2020 21:53:00 +0000 (22:53 +0100)

committer Aurelien Jarno <aurelien@aurel32.net>

Thu, 19 Mar 2020 22:12:42 +0000 (23:12 +0100)
author Aurelien Jarno <aurelien@aurel32.net>
Thu, 19 Mar 2020 21:53:00 +0000 (22:53 +0100)
committer Aurelien Jarno <aurelien@aurel32.net>
Thu, 19 Mar 2020 22:12:42 +0000 (23:12 +0100)
diff --git a/NEWS b/NEWS

index 0c4a78c3d561affc78910d571b1e222c64d15286..d966688a565ddeffc63015ae18aa3ab1990feeda 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,9 @@ CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
    corruption when they were passed a pseudo-zero argument.  Reported by Guido
    Vranken / ForAllSecure Mayhem.
  
+CVE-2020-1752: A use-after-free vulnerability in the glob function when
+  expanding ~user has been fixed.
+
  The following bugs are resolved with this release:
  
    [23518] login: Remove utmp backend jump tables
author	Aurelien Jarno <aurelien@aurel32.net>
	Thu, 19 Mar 2020 21:53:00 +0000 (22:53 +0100)
committer	Aurelien Jarno <aurelien@aurel32.net>
	Thu, 19 Mar 2020 22:12:42 +0000 (23:12 +0100)