]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: d686a3e) | patch
patch: fix CVE-2019-20633
authorScott Murray <scott.murray@konsulko.com>
Wed, 30 Dec 2020 22:44:18 +0000 (17:44 -0500)
committerSteve Sakoman <steve@sakoman.com>
Mon, 4 Jan 2021 14:50:23 +0000 (04:50 -1000)
commitaf4fbea9a1656bdf95d85831cae13cae3a60d5ee
treea957a7c4c34c6481a116ca3963f7a5c85ec46063tree | snapshot
parentd686a3eb928d316a4e53979fda48b205ba9104bccommit | diff
patch: fix CVE-2019-20633

* CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2019-20633

* upstream tracking: https://savannah.gnu.org/bugs/index.php?56683

* Fixes potential for double free after incomplete fix for CVE-2018-6952
  - src/pch.c (another_hunk): Avoid invalid memory access in context format
    diffs.

Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit be71dd2cc16a4c0d244a76a748f08ca0d9bfeba0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/patch/patch/CVE-2019-20633.patch [new file with mode: 0644] blob
meta/recipes-devtools/patch/patch_2.7.6.bb diff | blob | history
Mirror of the official openembedded-core repository