NEWS: insert list of CVEs

author Andreas K. Hüttel <dilfridge@gentoo.org>

Sat, 26 Jul 2025 13:23:49 +0000 (15:23 +0200)

committer Andreas K. Hüttel <dilfridge@gentoo.org>

Sat, 26 Jul 2025 13:23:49 +0000 (15:23 +0200)
author Andreas K. Hüttel <dilfridge@gentoo.org>
Sat, 26 Jul 2025 13:23:49 +0000 (15:23 +0200)
committer Andreas K. Hüttel <dilfridge@gentoo.org>
Sat, 26 Jul 2025 13:23:49 +0000 (15:23 +0200)
diff --git a/NEWS b/NEWS

index a3ab26c04623678a13506fd991a255964a6f5906..14a58be747f5bd0e68121bc7d24d6b8de1b11d7a 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -83,8 +83,21 @@ Security related changes:
  The following CVEs were fixed in this release, details of which can be
  found in the advisories directory of the release tarball:
  
-  [The release manager will add the list generated by
-  scripts/process-advisories.sh just before the release.]
+  GLIBC-SA-2025-0001:
+    assert: Buffer overflow when printing assertion failure message
+    (CVE-2025-0395)
+
+  GLIBC-SA-2025-0003:
+    power10: strcmp fails to save and restore nonvolatile vector
+    registers (CVE-2025-5702)
+
+  GLIBC-SA-2025-0004:
+    power10: strncmp fails to save and restore nonvolatile vector
+    registers (CVE-2025-5745)
+
+  GLIBC-SA-2025-0005:
+    posix: Fix double-free after allocation failure in regcomp
+    (CVE-2025-8058)
  
  The following bugs were resolved with this release:
author	Andreas K. Hüttel <dilfridge@gentoo.org>
	Sat, 26 Jul 2025 13:23:49 +0000 (15:23 +0200)
committer	Andreas K. Hüttel <dilfridge@gentoo.org>
	Sat, 26 Jul 2025 13:23:49 +0000 (15:23 +0200)