From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-Status: No, score=-4.8 required=3.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,NICE_REPLY_A, SPF_HELO_PASS,SPF_PASS shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id AD9F01F5AE for ; Mon, 3 Aug 2020 18:54:56 +0000 (UTC) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id D765F3850424; Mon, 3 Aug 2020 18:54:55 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org D765F3850424 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1596480895; bh=3hxMrssXYPIpMrZ4L3A+jwzByEkyGJy3oDivyEWYUJA=; h=Subject:To:References:Date:In-Reply-To:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=scxzo+BpOtSAtTocC6J35LXpbsUD1cFD6hLnhXJ3v2BnsS5z8j2uHvGtXzFRrPwVt 822YMhGZCcHjJAqNYY9ql2qofrdpn/VTrM1MvTIVXh7yoyvROkuEAM1knK+Qz0D30P Zt0TYV2p9lUMgx1khv3ndgKPGZdfyCuzNVH33NdI= Received: from us-smtp-delivery-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by sourceware.org (Postfix) with ESMTP id 8DF173850413 for ; Mon, 3 Aug 2020 18:54:53 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 8DF173850413 Received: from mail-qv1-f71.google.com (mail-qv1-f71.google.com [209.85.219.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-390-jqmEtQI7NKaQWL6VoHAv7Q-1; Mon, 03 Aug 2020 14:54:51 -0400 X-MC-Unique: jqmEtQI7NKaQWL6VoHAv7Q-1 Received: by mail-qv1-f71.google.com with SMTP id j13so17631322qvi.17 for ; Mon, 03 Aug 2020 11:54:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=3hxMrssXYPIpMrZ4L3A+jwzByEkyGJy3oDivyEWYUJA=; b=alrfJ4niHslCaeiSUnvypR7qIhikhMHpqslnJredCbgk7HQG4knUBiyIIq1Ci0dYz8 oXWpEQM+HgKl/3fjkspl8e31o+2mURosCjtxnPBr9RlS6L7UDDkJthikokpVbODM1fBx D3r98i/wc5bMmqlL3khKNJHDdN5Az4BOELbTNoccQQcZGcWNYUvKKa3EKCDLRFO8c3mQ 1Cb8jA9iwxDYU3UPqfPi6pl6cax7RbW4b2FBebKfYZQsLoYoxzaZ4srZ0xkt7KPbylvw 3xH9ol7PJwrGufvP6lD9SoKYZ5hWeEHF8pTsLwGIqJrGz8DtiqtqlwnHP6VRty8PownF o4FA== X-Gm-Message-State: AOAM5310NzO8qmyFKDvIJbYzPhEkOBKp8xplUpA2Sz9Pu1qm9U83354k fQkWi10qT35ApRuL8qq/nBQfQtrlKbkpGT/+L3LyMAPGWkQnzRbwolb4NTmXCUBG8otVT19ea0d Q7S8zq2crsWyPSJDbJcgM X-Received: by 2002:aed:3689:: with SMTP id f9mr17911808qtb.238.1596480889970; Mon, 03 Aug 2020 11:54:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzgKYaloRheKmn9MJUaYSt91qe1wO0fXeNtCf4u5jAY9TQh+xU6H/4uzn3cXSqhehUuBqpFmA== X-Received: by 2002:aed:3689:: with SMTP id f9mr17911785qtb.238.1596480889750; Mon, 03 Aug 2020 11:54:49 -0700 (PDT) Received: from [192.168.1.16] (198-84-214-74.cpe.teksavvy.com. [198.84.214.74]) by smtp.gmail.com with ESMTPSA id 65sm20922273qkf.33.2020.08.03.11.54.48 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 03 Aug 2020 11:54:49 -0700 (PDT) Subject: Re: [PATCH v2] Add NEWS entry for CVE-2016-10228 (bug 19519) To: Aurelien Jarno , libc-alpha@sourceware.org References: <20200730115152.3545521-1-aurelien@aurel32.net> Organization: Red Hat Message-ID: Date: Mon, 3 Aug 2020 14:54:48 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <20200730115152.3545521-1-aurelien@aurel32.net> Content-Language: en-US X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Carlos O'Donell via Libc-alpha Reply-To: Carlos O'Donell Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" On 7/30/20 7:51 AM, Aurelien Jarno wrote: > --- > NEWS | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/NEWS b/NEWS > index 1ef4a0a7a47..0ce408528f2 100644 > --- a/NEWS > +++ b/NEWS > @@ -154,6 +154,10 @@ Changes to build and runtime requirements: > > Security related changes: > > + CVE-2016-10228: An infinite loop has been fixed in the iconv program when > + invoked with the -c option and when processing invalid multi-byte input > + sequences. Reported by Jan Engelhardt. > + > CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack > corruption when they were passed a pseudo-zero argument. Reported by Guido > Vranken / ForAllSecure Mayhem. > OK for 2.32. Please push ASAP. Reviewed-by: Carlos O'Donell -- Cheers, Carlos.