From 2c7655105475ad81ad07eedc9dded1924afb154f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= <debian@jff.email>
Date: Fri, 12 Jul 2019 10:25:50 +0200
Subject: Fix CVE-2019-1322[4-5]

---
 debian/changelog | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'debian/changelog')

diff --git a/debian/changelog b/debian/changelog
index 181ecf3..b9e1e60 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,11 @@ libonig (6.9.2-1) UNRELEASED; urgency=medium
     - Refresh symbols file.
     - Refresh debian/patches/0100-source_typos.patch.
   * Rewrite debain/watch.
+  * New debian/patches/0105-CVE-2019-13224.patch and
+      debian/patches/0110-CVE-2019-13225.patch (Closes: #931878):
+    - Fixes CVE-2019-13224 A use-after-free in onig_new_deluxe() in regext.c.
+    - Fixes CVE-2019-13225 A NULL Pointer Dereference in match_at()
+       in regexec.c.
 
  -- Jörg Frings-Fürst <debian@jff.email>  Fri, 12 Jul 2019 09:15:25 +0200
 
-- 
cgit v1.2.3