1 files changed, 3 insertions, 0 deletions

diff --git a/NEWS b/NEWS
index 472cba8cda..918e9ebbaf 100644
--- a/NEWS
+++ b/NEWS
@@ -21,6 +21,9 @@ Security related changes:
   corruption when they were passed a pseudo-zero argument.  Reported by Guido
   Vranken / ForAllSecure Mayhem.
 
+  CVE-2020-1752: A use-after-free vulnerability in the glob function when
+  expanding ~user has been fixed.
+
 
 Version 2.31