diff mbox series

Add NEWS entry for CVE-2020-1752 (bug 25414)

Message ID 20200318141016.342567-1-aurelien@aurel32.net
State New
Headers show
Series Add NEWS entry for CVE-2020-1752 (bug 25414) | expand

Commit Message

Aurelien Jarno March 18, 2020, 2:10 p.m. UTC
---
 NEWS | 3 +++
 1 file changed, 3 insertions(+)

Comments

Michael Kerrisk \(man-pages\) via Libc-alpha March 18, 2020, 2:29 p.m. UTC | #1
On 3/18/20 10:10 AM, Aurelien Jarno wrote:
> ---
>  NEWS | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/NEWS b/NEWS
> index e0379fc53c1..68a408a3bc6 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -25,6 +25,9 @@ Security related changes:
>    corruption when they were passed a pseudo-zero argument.  Reported by Guido
>    Vranken / ForAllSecure Mayhem.
>  
> +  CVE-2020-1752: A use-after-free vulnerability in the glob function when
> +  expanding ~user has been fixed.
> +
>  The following bugs are resolved with this release:
>  
>    [The release manager will add the list generated by
> 

LGTM.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
diff mbox series

Patch

diff --git a/NEWS b/NEWS
index e0379fc53c1..68a408a3bc6 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,9 @@  Security related changes:
   corruption when they were passed a pseudo-zero argument.  Reported by Guido
   Vranken / ForAllSecure Mayhem.
 
+  CVE-2020-1752: A use-after-free vulnerability in the glob function when
+  expanding ~user has been fixed.
+
 The following bugs are resolved with this release:
 
   [The release manager will add the list generated by