[Buildroot] [PATCH] patch: security bump to version 2.7.6
Peter Korsgaard
peter at korsgaard.com
Fri Feb 23 08:09:49 UTC 2018
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> Fixes CVE-2016-10713: Out-of-bounds access within pch_write_line() in
> pch.c can possibly lead to DoS via a crafted input file.
> Add upstream patch fixing CVE-2018-6951: There is a segmentation fault,
> associated with a NULL pointer dereference, leading to a denial of
> service in the intuit_diff_type function in pch.c, aka a "mangled
> rename" issue.
> This bump does NOT fix CVE-2018-6952. See upstream bug #53133
> (https://savannah.gnu.org/bugs/index.php?53133).
> Add license file hash.
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list