[Buildroot] [PATCH 1/1] package/e2fsprogs: security bump to version 1.45.5
Peter Korsgaard
peter at korsgaard.com
Tue Mar 10 21:35:41 UTC 2020
>>>>> "Titouan" == Titouan Christophe <titouan.christophe at railnova.eu> writes:
> This fixes CVE-2019-5188:
> A code execution vulnerability exists in the directory rehashing
> functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4
> directory can cause an out-of-bounds write on the stack, resulting
> in code execution. An attacker can corrupt a partition to trigger
> this vulnerability.
> Also change the hash file to the new spacing convention introduced
> by Yann E. Morin.
> Signed-off-by: Titouan Christophe <titouan.christophe at railnova.eu>
Committed to 2019.02.x and 2019.11.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list