[Buildroot] [PATCH v2] package/raptor: fix CVE-2017-18926
Peter Korsgaard
peter at korsgaard.com
Sun Nov 22 14:31:48 UTC 2020
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF
> Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the
> XML writer, leading to heap-based buffer overflows (sometimes seen in
> raptor_qname_format_as_xml).
> For more details, see the oss-security discussion:
> https://www.openwall.com/lists/oss-security/2020/11/13/1
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> ---
> Changes since v1:
> - Add _IGNORE_CVES entry for patch
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list