[Buildroot] [PATCH] vorbis-tools: add fix for CVE-2015-6749
Thomas Petazzoni
thomas.petazzoni at free-electrons.com
Mon Nov 2 19:58:58 UTC 2015
Dear Gustavo Zacarias,
On Tue, 27 Oct 2015 22:04:05 -0300, Gustavo Zacarias wrote:
> Fixes:
> CVE-2015-6749 - invalid AIFF file causes alloca() buffer overflow.
>
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
> ---
> ...oggenc-Fix-large-alloca-on-bad-AIFF-input.patch | 37 ++++++++++++++++++++++
> 1 file changed, 37 insertions(+)
> create mode 100644 package/vorbis-tools/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch
Applied, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
More information about the buildroot
mailing list