From: Raphael Moreira Zinsly <rzinsly@linux.ibm.com>
Date: Thu, 18 Mar 2021 21:05:13 +0000 (-0300)
Subject: Merge branch release/2.30/master into ibm/2.30/master
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=903f0b694220b246dfe5ffe128e6766db813dd52;p=thirdparty%2Fglibc.git

Merge branch release/2.30/master into ibm/2.30/master
---

903f0b694220b246dfe5ffe128e6766db813dd52
diff --cc NEWS
index ecf91b04ab1,4926a57f3a2..d2c2a0ec672
--- a/NEWS
+++ b/NEWS
@@@ -25,15 -25,9 +25,16 @@@ CVE-2020-1751: A defect in the PowerPC 
  CVE-2020-1752: A use-after-free vulnerability in the glob function when
    expanding ~user has been fixed.
  
 +CVE-2020-27618: An infinite loop has been fixed in the iconv program when
 +  invoked with input containing redundant shift sequences in the IBM1364,
 +  IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
 +
 +CVE-2020-29562: An assertion failure has been fixed in the iconv function
 +  when invoked with UCS4 input containing an invalid character.
 +
  The following bugs are resolved with this release:
  
+   [20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
    [20543] Please move from .gnu.linkonce to comdat
    [23296] Data race in setting function descriptor during lazy binding
    [23518] login: Remove utmp backend jump tables