]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 396d5c0) | patch
patch: fix CVE-2019-20633
authorScott Murray <scott.murray@konsulko.com>
Wed, 30 Dec 2020 22:44:18 +0000 (17:44 -0500)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 1 Jan 2021 23:14:52 +0000 (23:14 +0000)
commitbe71dd2cc16a4c0d244a76a748f08ca0d9bfeba0
tree688f4634853095f5311aa82be984e53c4193e7c7tree | snapshot
parent396d5c0f9cffa4b54ae94738b1ef2b6fb545f082commit | diff
patch: fix CVE-2019-20633

* CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2019-20633

* upstream tracking: https://savannah.gnu.org/bugs/index.php?56683

* Fixes potential for double free after incomplete fix for CVE-2018-6952
  - src/pch.c (another_hunk): Avoid invalid memory access in context format
    diffs.

Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/patch/patch/CVE-2019-20633.patch [new file with mode: 0644] blob
meta/recipes-devtools/patch/patch_2.7.6.bb diff | blob | history
Mirror of the official openembedded-core repository