d/changelog: Add some fixed CVEs

author: Jörg Frings-Fürst <debian@jff.email> 2019-11-29 12:34:20 +0100
committer: Jörg Frings-Fürst <debian@jff.email> 2019-11-29 12:34:20 +0100
commit: 101f52fb0d2c7213ea63c29b031489fb22c2b8a5 (patch)
tree: 65942b7d4461555bd6d74d27a0cefd418e803fe1 /debian
parent: d71526b1c053fc69aaec2d2465c6d416633662fe (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 8376088..5106128 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,14 @@ libonig (6.9.4-1) UNRELEASED; urgency=medium
       + 0105-CVE-2019-13224.patch
       + 0110-CVE-2019-13225.patch
     - Refresh debain/copyright.
+    - Fixes CVE-2019-19204: heap-buffer-overflow in fetch_interval_quantifier
+        due to double PFETCH (Closes: #945313).
+    - Fixes CVE-2019-19203: heap-buffer-overflow in gb18030_mbc_enc_len
+        (Closes: #945312).
+    - Fixes CVE-2019-19012: Out of bounds read in mbc_to_code()
+        (Closes: #944959).
+    - Fixes CVE-2019-16163: Stack Exhaustion Problem (Closes: #939988).
+    - Fixes CVE-2019-19246: heap-based buffer over-read in str_lower_case_match.
   * debian/watch:_Correct typo.
   * Declare compliance with Debian Policy 4.4.1.1 (No changes needed).
   * Switch to debhelper-compat:
author	Jörg Frings-Fürst <debian@jff.email>	2019-11-29 12:34:20 +0100
committer	Jörg Frings-Fürst <debian@jff.email>	2019-11-29 12:34:20 +0100
commit	101f52fb0d2c7213ea63c29b031489fb22c2b8a5 (patch)
tree	65942b7d4461555bd6d74d27a0cefd418e803fe1 /debian
parent	d71526b1c053fc69aaec2d2465c6d416633662fe (diff)