[Buildroot] [PATCH 1/1] package/uboot-tools: security bump to version 2021.04
Fabrice Fontaine
fontaine.fabrice at gmail.com
Mon Apr 26 17:57:47 UTC 2021
Le lun. 26 avr. 2021 à 19:56, Peter Korsgaard <peter at korsgaard.com> a écrit :
>
> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
>
> > Le lun. 26 avr. 2021 à 14:37, Peter Korsgaard <peter at korsgaard.com> a écrit :
> >>
> >> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> >>
> >> > - Fix CVE-2021-27097: The boot loader in Das U-Boot before 2021.04-rc2
> >> > mishandles a modified FIT.
> >> > - Fix CVE-2021-27138: The boot loader in Das U-Boot before 2021.04-rc2
> >> > mishandles use of unit addresses in a FIT.
> >>
> >> Are these really bugs in uboot-tools, E.G. the (host-side) tools and not
> >> in u-boot itself?
> > Indeed, these CVEs are affecting uboot and not uboot-tools.
>
> Ok, thanks.
>
> I BTW noticed quite some build errors in uboot-tools since the bump:
>
> http://autobuild.buildroot.net/?reason=host-uboot-tools-2021.04
Indeed, should be fixed by
https://git.buildroot.net/buildroot/commit/?id=a8eef7d2e62aba92fbab3906862c6422410c8677
>
> --
> Bye, Peter Korsgaard
Best Regards,
Fabrice
More information about the buildroot
mailing list