NEWS: insert list of CVEs

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
author: Andreas K. Hüttel <dilfridge@gentoo.org> 2025-07-26 15:23:49 +0200
committer: Andreas K. Hüttel <dilfridge@gentoo.org> 2025-07-26 15:23:49 +0200
commit: a92914de93979dbaa85ae9e410157bf5b67bcf98 (patch)
tree: 48e901d2d80faed0af3776c4e10f07ec978dea95
parent: 4d585d0afb2db97ce4356c56ee63ac58f44ebe29 (diff)
download: glibc-a92914de93979dbaa85ae9e410157bf5b67bcf98.zip
glibc-a92914de93979dbaa85ae9e410157bf5b67bcf98.tar.gz
glibc-a92914de93979dbaa85ae9e410157bf5b67bcf98.tar.bz2
1 files changed, 15 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index a3ab26c..14a58be 100644
--- a/NEWS
+++ b/NEWS
@@ -83,8 +83,21 @@ Security related changes:
 The following CVEs were fixed in this release, details of which can be
 found in the advisories directory of the release tarball:
 
-  [The release manager will add the list generated by
-  scripts/process-advisories.sh just before the release.]
+  GLIBC-SA-2025-0001:
+    assert: Buffer overflow when printing assertion failure message
+    (CVE-2025-0395)
+
+  GLIBC-SA-2025-0003:
+    power10: strcmp fails to save and restore nonvolatile vector
+    registers (CVE-2025-5702)
+
+  GLIBC-SA-2025-0004:
+    power10: strncmp fails to save and restore nonvolatile vector
+    registers (CVE-2025-5745)
+
+  GLIBC-SA-2025-0005:
+    posix: Fix double-free after allocation failure in regcomp
+    (CVE-2025-8058)
 
 The following bugs were resolved with this release:
author	Andreas K. Hüttel <dilfridge@gentoo.org>	2025-07-26 15:23:49 +0200
committer	Andreas K. Hüttel <dilfridge@gentoo.org>	2025-07-26 15:23:49 +0200
commit	a92914de93979dbaa85ae9e410157bf5b67bcf98 (patch)
tree	48e901d2d80faed0af3776c4e10f07ec978dea95
parent	4d585d0afb2db97ce4356c56ee63ac58f44ebe29 (diff)
download	glibc-a92914de93979dbaa85ae9e410157bf5b67bcf98.zip glibc-a92914de93979dbaa85ae9e410157bf5b67bcf98.tar.gz glibc-a92914de93979dbaa85ae9e410157bf5b67bcf98.tar.bz2