doc update

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-03-05 18:00:16 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-03-05 18:04:23 +0100
commit: 578f2eb804d224d4fc74f7f4b13f1bdb88810841 (patch)
tree: 7c2c3e4a7212e4be699f9ad5fffd0ccdb16226f0
parent: ac59fb20faff9a267c05356bfc535fb279b2fbbd (diff)
download: gnutls-578f2eb804d224d4fc74f7f4b13f1bdb88810841.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 4a91f99823..c8f5c0832d 100644
--- a/NEWS
+++ b/NEWS
@@ -32,6 +32,11 @@ See the end for copying conditions.
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=354
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=360 [GNUTLS-SA-2017-3B]
 
+** libgnutls: Addressed large allocation in OpenPGP certificate parsing, that
+   could lead in out-of-memory condition. Issue found using oss-fuzz project,
+   and was fixed by Alex Gaynor:
+   https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=392 [GNUTLS-SA-2017-3C]
+
 ** libgnutls: Print the key PIN value used by the HPKP protocol as per RFC7469
    when printing certificate information.
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-03-05 18:00:16 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-03-05 18:04:23 +0100
commit	578f2eb804d224d4fc74f7f4b13f1bdb88810841 (patch)
tree	7c2c3e4a7212e4be699f9ad5fffd0ccdb16226f0
parent	ac59fb20faff9a267c05356bfc535fb279b2fbbd (diff)
download	gnutls-578f2eb804d224d4fc74f7f4b13f1bdb88810841.tar.gz