From: Siddhesh Poyarekar <siddhesh@sourceware.org>
Date: Mon, 7 Dec 2020 16:59:18 +0000 (+0530)
Subject: Add NEWS entry for CVE-2020-29562 (BZ #26923)
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3e33d9307398f3cd17c14f40491823e0d0334bc9;p=thirdparty%2Fglibc.git

Add NEWS entry for CVE-2020-29562 (BZ #26923)

BZ #26923 now has a CVE entry, so add a NEWS entry for it.
---

diff --git a/NEWS b/NEWS
index 1ad5c89d6b7..ecf91b04ab1 100644
--- a/NEWS
+++ b/NEWS
@@ -29,6 +29,9 @@ CVE-2020-27618: An infinite loop has been fixed in the iconv program when
   invoked with input containing redundant shift sequences in the IBM1364,
   IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
 
+CVE-2020-29562: An assertion failure has been fixed in the iconv function
+  when invoked with UCS4 input containing an invalid character.
+
 The following bugs are resolved with this release:
 
   [20543] Please move from .gnu.linkonce to comdat