From patchwork Wed Mar 4 21:36:05 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aurelien Jarno X-Patchwork-Id: 1249268 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=libc-alpha-return-110273-incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=aurel32.net Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha1 header.s=default header.b=IdRyupR7; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 48XnP81lmbz9sPg for ; Thu, 5 Mar 2020 08:40:44 +1100 (AEDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; q=dns; s=default; b=Oqv +hFGEYTmSscxXDHoWmw51VIMxXESC+c5nmJhrH/hapR4rqg2fCemm5yXhV7PqovO 4DYAfpMgrZFScWRjCBhGyGiSm/FKvbsVHsYO7L1kaWc04yHowv2gVM0baSUG0xP7 gsskgBLMVOnikI44B5CO3Ndki2KLFzHHj69BL9kE= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; s=default; bh=PT2I3uYxX m9ENd2kFHUzizMNBXg=; b=IdRyupR7pjcJcO/CBHtOj+VdWr79r0HQxIbnurw2J KkLnK1qYraagNsZUFne8I4MYT2ID+Bhwccw+tBrRYVDwJl2/qpErT51t/1zzk7sg ktu046P48xwebNENUOsa0SrtY9dZqaSbq1e3rgSd9PyP/RDXZXUzQBbMxB0HsbdX N8= Received: (qmail 70534 invoked by alias); 4 Mar 2020 21:37:25 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 68477 invoked by uid 89); 4 Mar 2020 21:36:28 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-26.9 required=5.0 tests=BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.3.1 spammy=suffered, HContent-Transfer-Encoding:8bit X-HELO: hall.aurel32.net From: Aurelien Jarno To: libc-alpha@sourceware.org Cc: Guido Vranken , Florian Weimer , Joseph Myers , Aurelien Jarno Subject: [PATCH] Add NEWS entry for CVE-2020-10029 (bug 25487) Date: Wed, 4 Mar 2020 22:36:05 +0100 Message-Id: <20200304213604.97558-1-aurelien@aurel32.net> MIME-Version: 1.0 --- NEWS | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) From what I understand, part of the NEWS file is filled automatically just before releases, but it's not the case for the security related changes. In any case we need to provide one when backporting the patch to other branches, so here is a proposal below. diff --git a/NEWS b/NEWS index 77631ca7071..4623984d36d 100644 --- a/NEWS +++ b/NEWS @@ -21,7 +21,9 @@ Changes to build and runtime requirements: Security related changes: - [Add security related changes here] + CVE-2020-10029: The sinl function on x86 targets suffered from stack + corruption when it was passed a pseudo-zero argument. Reported by + Guido Vranken. The following bugs are resolved with this release: