AuroraMiddleware/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2024-11-21 12:30:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

NEWS: Mention CVE-2021-3326 (iconv assertion with ISO-20220-JP-3)

Browse Source
This commit is contained in:
Florian Weimer 2021-01-29 17:29:57 +01:00
parent 570bb42376
commit d7f4f3f5fb
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
NEWS
View File

@ -102,6 +102,12 @@ Changes to build and runtime requirements:
Security related changes:
CVE-2021-3326: An assertion failure during conversion from the
qISO-20220-JP-3 character set using the iconv function has been fixed.
This assertion was triggered by certain valid inputs in which the
converted output contains a combined sequence of two wide characters
crossing a buffer boundary. Reported by Tavis Ormandy.
CVE-2020-27618: An infinite loop has been fixed in the iconv program when
invoked with input containing redundant shift sequences in the IBM1364,
IBM1371, IBM1388, IBM1390, or IBM1399 character sets.