[Buildroot] [PATCH] libarchive: add upstream security patches
Peter Korsgaard
peter at korsgaard.com
Wed Aug 8 14:26:43 UTC 2018
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> Add patches for the following security issues:
> CVE-2017-14501 - An out-of-bounds read flaw exists in parse_file_info in
> archive_read_support_format_iso9660.c when extracting a specially
> crafted iso9660 iso file.
> CVE-2017-14502 - Off-by-one error for UTF-16 names in RAR archives,
> leading to an out-of-bounds read in archive_read_format_rar_read_header.
> CVE-2017-14503 - Out-of-bounds read within lha_read_data_none() in
> archive_read_support_format_lha.c when extracting a specially crafted
> lha archive.
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list