NEWS: add fixed security advisories list

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
author: Andreas K. Hüttel <dilfridge@gentoo.org> 2024-07-20 18:55:07 +0200
committer: Andreas K. Hüttel <dilfridge@gentoo.org> 2024-07-20 18:55:07 +0200
commit: 391d9041f01282d243e7d3cbd272dffea5f2313c (patch)
tree: 0f6f318c067a43ba8ddc3c962c6895e6a854bc6c
parent: NEWS: add resolved bugs list (diff)
download: glibc-391d9041f01282d243e7d3cbd272dffea5f2313c.tar.xz
glibc-391d9041f01282d243e7d3cbd272dffea5f2313c.zip
1 files changed, 17 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index a014472772..ae06f17661 100644
--- a/NEWS
+++ b/NEWS
@@ -71,8 +71,23 @@ Security related changes:
 The following CVEs were fixed in this release, details of which can be
 found in the advisories directory of the release tarball:
 
-  [The release manager will add the list generated by
-  scripts/process-advisories.sh just before the release.]
+  GLIBC-SA-2024-0004:
+    ISO-2022-CN-EXT: fix out-of-bound writes when writing escape
+    sequence (CVE-2024-2961)
+
+  GLIBC-SA-2024-0005:
+    nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599)
+
+  GLIBC-SA-2024-0006:
+    nscd: Null pointer crash after notfound response (CVE-2024-33600)
+
+  GLIBC-SA-2024-0007:
+    nscd: netgroup cache may terminate daemon on memory allocation
+    failure (CVE-2024-33601)
+
+  GLIBC-SA-2024-0008:
+    nscd: netgroup cache assumes NSS callback uses in-buffer strings
+    (CVE-2024-33602)
 
 The following bugs are resolved with this release:
author	Andreas K. Hüttel <dilfridge@gentoo.org>	2024-07-20 18:55:07 +0200
committer	Andreas K. Hüttel <dilfridge@gentoo.org>	2024-07-20 18:55:07 +0200
commit	391d9041f01282d243e7d3cbd272dffea5f2313c (patch)
tree	0f6f318c067a43ba8ddc3c962c6895e6a854bc6c
parent	NEWS: add resolved bugs list (diff)
download	glibc-391d9041f01282d243e7d3cbd272dffea5f2313c.tar.xz glibc-391d9041f01282d243e7d3cbd272dffea5f2313c.zip