[Buildroot] [PATCH 1/1] package/qpdf: fix CVE-2021-36978

Peter Korsgaard peter at korsgaard.com
Sun Aug 8 09:50:26 UTC 2021


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer
 > overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and
 > Pl_AES_PDF::finish) when a certain downstream write fails.

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed to 2021.02.x and 2021.05.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list