[Buildroot] [PATCH] libgit2: security bump to version 0.27.4
Nicolas Cavallari
Nicolas.Cavallari at green-communications.fr
Tue Aug 7 08:37:53 UTC 2018
On 07/08/2018 07:33, Baruch Siach wrote:
> Fixes CVE-2018-10887 and CVE-2018-10888: out-of-bounds reads when
> reading objects from a packfile.
>
> Also fixes out-of-bounds reads when processing smart-protocol "ng"
> packets (no known CVE yet).
>
> Drop upstream patch.
>
> Cc: Nicolas Cavallari <nicolas.cavallari at green-communications.fr>
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
Reviewed-By: Nicolas Cavallari <nicolas.cavallari at green-communications.fr>
Tested a few toolchains with test-pkg, the tests are not finished yet...
More information about the buildroot
mailing list