[Buildroot] [PATCH] package/libyang: security bump to version 1.0.240
Peter Korsgaard
peter at korsgaard.com
Wed Sep 29 19:48:20 UTC 2021
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issues:
> - CVE-2021-28902: In function read_yin_container() in libyang <= v1.0.225,
> it doesn't check whether the value of retval->ext[r] is NULL. In some
> cases, it can be NULL, which leads to the operation of
> retval->ext[r]->flags that results in a crash.
> - CVE-2021-28903: A stack overflow in libyang <= v1.0.225 can cause a denial
> of service through function lyxml_parse_mem(). lyxml_parse_elem()
> function will be called recursively, which will consume stack space and
> lead to crash.
> - CVE-2021-28904: In function ext_get_plugin() in libyang <= v1.0.225, it
> doesn't check whether the value of revision is NULL. If revision is NULL,
> the operation of strcmp(revision, ext_plugins[u].revision) will lead to a
> crash.
> - CVE-2021-28905: In function lys_node_free() in libyang <= v1.0.225, it
> asserts that the value of node->module can't be NULL. But in some cases,
> node->module can be null, which triggers a reachable assertion (CWE-617).
> - CVE-2021-28906: In function read_yin_leaf() in libyang <= v1.0.225, it
> doesn't check whether the value of retval->ext[r] is NULL. In some cases,
> it can be NULL, which leads to the operation of retval->ext[r]->flags that
> results in a crash.
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2021.02.x, 2021.05.x and 2021.08.x, thanks.
--
Bye, Peter Korsgaard
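The recursion described under CVE-2021-28903 is the classic failure mode of an unbounded recursive-descent element parser. As an added example, not libyang's code and not part of this patch, here is a minimal nested-element parser in C with an explicit depth guard that returns an error instead of exhausting the stack; the tag syntax, MAX_DEPTH and the helper names are assumptions for illustration.

```c
/* Added example (not libyang code): a recursive nested-element parser with
 * the defensive depth guard that CVE-2021-28903 lacked; tag syntax,
 * MAX_DEPTH and helper names are assumptions for illustration. */
#include <string.h>
#define MAX_DEPTH 64
enum { PARSE_OK = 0, PARSE_TOO_DEEP = -1, PARSE_MALFORMED = -2 };
/* Parse one <name>...</name> element at *p, recursing for each child with
 * depth + 1; the guard bounds stack use however deeply the input nests. */
static int parse_elem(const char **p, int depth)
{
    if (depth > MAX_DEPTH)
        return PARSE_TOO_DEEP;          /* error instead of stack exhaustion */
    if (**p != '<' || (*p)[1] == '/')
        return PARSE_MALFORMED;
    const char *name = *p + 1, *end = strchr(name, '>');
    if (!end) return PARSE_MALFORMED;
    size_t nlen = (size_t)(end - name);
    *p = end + 1;
    while (**p == '<' && (*p)[1] != '/') {      /* child elements */
        int rc = parse_elem(p, depth + 1);
        if (rc != PARSE_OK) return rc;
    }
    /* the closing tag must match the opening name */
    if (strncmp(*p, "</", 2) != 0 || strncmp(*p + 2, name, nlen) != 0 ||
        (*p)[2 + nlen] != '>')
        return PARSE_MALFORMED;
    *p += 3 + nlen;
    return PARSE_OK;
}

/* Parse a whole document: PARSE_OK only for exactly one well-formed tree. */
int parse_doc(const char *doc)
{
    const char *p = doc;
    int rc = parse_elem(&p, 1);
    return (rc == PARSE_OK && *p != '\0') ? PARSE_MALFORMED : rc;
}

/* Build a constructed document nested n levels deep (<a><a>...</a></a>)
 * and parse it; n is capped so the static buffer cannot overflow. */
int check_nested(int n)
{
    static char buf[2048];
    char *w = buf;
    if (n < 1 || n > 200) return PARSE_MALFORMED;
    for (int i = 0; i < n; i++, w += 3) memcpy(w, "<a>", 3);
    for (int i = 0; i < n; i++, w += 4) memcpy(w, "</a>", 4);
    *w = '\0';
    return parse_doc(buf);
}
```

With MAX_DEPTH at 64, check_nested(64) parses cleanly while check_nested(65) returns PARSE_TOO_DEEP, which is the behaviour a caller can log and reject instead of crashing.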