Mention recently assigned CVEs CVE-2012-6702 and CVE-2016-5300 in plaintext change log

author Sebastian Pipping <sebastian@pipping.org>

Sat, 4 Jun 2016 15:20:18 +0000 (17:20 +0200)

committer Sebastian Pipping <sebastian@pipping.org>

Sat, 4 Jun 2016 15:21:04 +0000 (17:21 +0200)
author Sebastian Pipping <sebastian@pipping.org>
Sat, 4 Jun 2016 15:20:18 +0000 (17:20 +0200)
committer Sebastian Pipping <sebastian@pipping.org>
Sat, 4 Jun 2016 15:21:04 +0000 (17:21 +0200)
diff --git a/expat/Changes b/expat/Changes

index b3e6854a6c3b66ab03d36871980a0964767c8884..e8a59ab80d9bd7bd64128fbc0735300d021df38a 100644 (file)
--- a/expat/Changes
+++ b/expat/Changes
@@ -3,10 +3,11 @@ Release ??? ???
              #537  CVE-2016-0718 -- fix crash on malformed input
                    CVE-2016-4472 -- improve insufficient fix to CVE-2015-1283 /
                                     CVE-2015-2716 introduced with Expat 2.1.1
-            #499  Use more entropy for hash initialization
-            #519  Resolve troublesome internal call to srand
-                    that was introduced with Expat 2.1.0
-                    when addressing CVE-2012-0876 (issue #496)
+            #499  CVE-2016-5300 -- Use more entropy for hash initialization
+                                   than the original fix to CVE-2012-0876
+            #519  CVE-2012-6702 -- Resolve troublesome internal call to srand
+                                   that was introduced with Expat 2.1.0
+                                   when addressing CVE-2012-0876 (issue #496)
  
          Bug fixes:
                    Fix uninitialized reads of size 1
author	Sebastian Pipping <sebastian@pipping.org>
	Sat, 4 Jun 2016 15:20:18 +0000 (17:20 +0200)
committer	Sebastian Pipping <sebastian@pipping.org>
	Sat, 4 Jun 2016 15:21:04 +0000 (17:21 +0200)