[Buildroot] [PATCH] package/file: security bump to version 5.36

Peter Korsgaard peter at korsgaard.com
Mon Mar 25 16:36:00 UTC 2019


>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:

 > CVE-2019-8906: do_core_note in readelf.c in libmagic.a in file 5.35 has
 > an out-of-bounds read because memcpy is misused.

 > CVE-2019-8904: do_bid_note in readelf.c in libmagic.a in file 5.35 has a
 > stack-based buffer over-read, related to file_printf and file_vprintf.

 > Update license files hashes; removal of trailing white spaces.

 > Signed-off-by: Baruch Siach <baruch at tkos.co.il>

Committed to 2018.02.x, 2018.11.x and 2019.02.x, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list