[Buildroot] [PATCH] qpdf: security bump to version 8.1.0
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Sat Jun 30 19:43:20 UTC 2018
Hello,
On Fri, 29 Jun 2018 08:18:58 +0300, Baruch Siach wrote:
> Fixes CVE-2018-9918: mishandle certain "expected dictionary key but
> found non-name object" cases, allowing remote attackers to cause a
> denial of service (stack exhaustion)
>
> https://github.com/qpdf/qpdf/issues/202
>
> Drop local SHA256 hash since we use upstream provided SHA512.
>
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
> ---
> package/qpdf/qpdf.hash | 6 ++----
> package/qpdf/qpdf.mk | 2 +-
> 2 files changed, 3 insertions(+), 5 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list