[Buildroot] [PATCH 1/1] package/bzip2: security bump version to 1.0.8
Peter Korsgaard
peter at korsgaard.com
Sat Aug 3 20:33:00 UTC 2019
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls at t-online.de> writes:
> Switched to new maintainer source:
> https://sourceware.org/ml/bzip2-devel/2019-q2/msg00022.html
> Version 1.0.7 fixes CVE-2016-3189 & CVE-2019-12900.
But we already have a fix for CVE-2019-12900 in
0003-Make-sure-nSelectors-is-not-out-of-range.patch. How come you are
not removing it?
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list