[Buildroot] [PATCH v2 1/2] package/glibc: bump version for additional post-2.30 security fixes
Peter Korsgaard
peter at korsgaard.com
Tue May 12 11:58:07 UTC 2020
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security vulnerabilities:
> CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
> corruption when they were passed a pseudo-zero argument. Reported by Guido
> Vranken / ForAllSecure Mayhem.
> CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
> out-of-bounds write when executed in a signal frame context.
> CVE-2020-1752: A use-after-free vulnerability in the glob function when
> expanding ~user has been fixed.
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2020.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list