]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 44d8263) | patch
lrzsz: fix CVE-2018-10195
authorRoss Burton <ross.burton@intel.com>
Tue, 11 Sep 2018 09:37:40 +0000 (10:37 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 11 Sep 2018 09:46:12 +0000 (10:46 +0100)
commita7b50fcee9a295de57f743fa3637905992da722e
tree93302e59a50dbd6cd05c09fc41367a5a22cba3f5tree | snapshot
parent44d826327e9336d7490745d5721d79809556b177commit | diff
lrzsz: fix CVE-2018-10195

"Integer overflow in src/zm.c:zsdata() causes crash in sz and can leak
information to receiver."

Take a patch from Fedora to resolve CVE-2018-10195.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-bsp/lrzsz/lrzsz-0.12.20/cve-2018-10195.patch [new file with mode: 0644] blob
meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb diff | blob | history
Mirror of the official openembedded-core repository