[Buildroot] [PATCH 1/1] package/qpdf: fix CVE-2021-36978
Peter Korsgaard
peter at korsgaard.com
Sun Aug 8 09:50:26 UTC 2021
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer
> overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and
> Pl_AES_PDF::finish) when a certain downstream write fails.
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2021.02.x and 2021.05.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list