NEWS: add an entry for #1822

author Alexander Sosedkin <asosedkin@redhat.com>

Wed, 29 Apr 2026 12:12:23 +0000 (14:12 +0200)

committer Alexander Sosedkin <asosedkin@redhat.com>

Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)
author Alexander Sosedkin <asosedkin@redhat.com>
Wed, 29 Apr 2026 12:12:23 +0000 (14:12 +0200)
committer Alexander Sosedkin <asosedkin@redhat.com>
Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)
diff --git a/NEWS b/NEWS

index f76b7bd73c6b05ecf31ea89d19f8ce846beaa136..3dc3c2037f3bf0ddcfcaf827614773a195ea3c03 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -148,6 +148,12 @@ See the end for copying conditions.
     certificate entries, leading to a double-free (#1819).
     Reported by Joshua Rogers of AISLE Research Team.
  
+** libgnutls: Fix heap overread in SCT extension parser
+   The list-length validation didn't account for the 2-byte length field,
+   allowing a specially crafted SCT extension to cause
+   a 2-byte overread past the buffer (#1822).
+   Reported by Joshua Rogers of AISLE Research Team.
+
  ** build: Support building with Nettle 4.0
     Nettle 4.0 was released in Feburary 2026, with API incompatibile
     changes from 3.10. The library can now compile with it, while
author	Alexander Sosedkin <asosedkin@redhat.com>
	Wed, 29 Apr 2026 12:12:23 +0000 (14:12 +0200)
committer	Alexander Sosedkin <asosedkin@redhat.com>
	Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)