From 4b5216d9b8ed0f135688da2b673c26d6d07df3ae Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 23 Feb 2017 16:48:31 +0100 Subject: doc update --- NEWS | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 1743148cfb..49f2b042eb 100644 --- a/NEWS +++ b/NEWS @@ -18,8 +18,13 @@ See the end for copying conditions. a long list of names in functions such as gnutls_x509_crt_check_hostname(). With the current code, the SANs are parsed once on certificate import. -** libgnutls: Addressed invalid memory access in OpenPGP certificate parsing. - (issue found using oss-fuzz project) +** libgnutls: Addressed integer overflow resulting to invalid memory write + in OpenPGP certificate parsing (issue found using oss-fuzz project: + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420 ) + +** libgnutls: Addressed read of 1 byte past the end of buffer in OpenPGP + certificate parsing (issue found using oss-fuzz project: + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391 ) ** libgnutls: Print the key PIN value used by the HPKP protocol as per RFC7469 when printing certificate information. -- cgit v1.2.1
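Review bot: In the first added NEWS entry, "resulting to invalid memory write" should read "resulting in an invalid memory write". Both new entries describe memory-safety fixes in OpenPGP certificate parsing (an invalid write caused by an integer overflow, and a 1-byte read past the end of a buffer), but neither names the affected function or any advisory identifier. A packager reading NEWS has only the oss-fuzz links to judge whether a backport is needed, so consider adding such a reference if one has been assigned. The commit subject "doc update" also gives no hint that the change splits a single "invalid memory access" entry into two distinct security fixes. A subject that mentions NEWS and the OpenPGP parsing fixes would be easier to find in the log.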