[Buildroot] [PATCH 1/1] package/libxcrypt: security bump to version 4.4.25
Peter Korsgaard
peter at korsgaard.com
Mon Sep 13 20:39:31 UTC 2021
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> - Fix several issues found by Covscan in the testsuite. These include:
> - CWE-170: String not null terminated (STRING_NULL)
> - CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST)
> - CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
> - CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH)
> - CWE-573: Missing varargs init or cleanup (VARARGS)
> - CWE-687: Argument cannot be negative (NEGATIVE_RETURNS)
> - Update hash of LICENSING due to files being updated with:
> https://github.com/besser82/libxcrypt/commit/44e9eb57b462cfbaeb085cea0e308511565f4a12
> https://github.com/besser82/libxcrypt/commit/578271c3776a442fa55ac5f5ea83c7dc83ede979
> https://github.com/besser82/libxcrypt/blob/v4.4.25/NEWS
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list