]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 4ffc1c6) | patch
libbsd: Security fix and update 0.8.2
authorArmin Kuster <akuster@mvista.com>
Wed, 10 Feb 2016 22:18:24 +0000 (14:18 -0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 11 Feb 2016 22:32:17 +0000 (22:32 +0000)
commit29053ff82bf28da45eef9d7e85d6d3ce7060daf6
tree83b5ff3f7cda802bd836abae2d0720f67c01c8e5tree | snapshot
parent4ffc1c6ea67e65c21964fa119820b37725f5a5decommit | diff
libbsd: Security fix and update 0.8.2

This update includes:
CVE-2016-2090 Heap buffer overflow in fgetwln function of libbsd

libbsd 0.8.1 and earlier contains a buffer overflow in the function
fgetwln(). An if checks if it is necessary to reallocate memory in the
target buffer. However this check is off by one, therefore an out of
bounds write happens.

Upstream has released version 0.8.2 to fix this.

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/libbsd/libbsd_0.8.2.bb [moved from meta/recipes-support/libbsd/libbsd_0.8.1.bb with 91% similarity] diff | blob | history
Mirror of the official openembedded-core repository