From 6b11f60c700c9b50aba1a7f123411add5ade733c Mon Sep 17 00:00:00 2001
From: Aurelien Jarno <aurelien@aurel32.net>
Date: Thu, 19 Mar 2020 22:53:00 +0100
Subject: [PATCH] Add NEWS entry for CVE-2020-1752 (bug 25414)

(cherry picked from commit 39a05214fe14ff722d4d92e697fb71ff15e84e70)
---
 NEWS | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/NEWS b/NEWS
index 0c4a78c3d56..d966688a565 100644
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,9 @@ CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
   corruption when they were passed a pseudo-zero argument.  Reported by Guido
   Vranken / ForAllSecure Mayhem.
 
+CVE-2020-1752: A use-after-free vulnerability in the glob function when
+  expanding ~user has been fixed.
+
 The following bugs are resolved with this release:
 
   [23518] login: Remove utmp backend jump tables
-- 
2.47.2