projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d02d600) | patch
package/gd: fix CVE-2021-38115
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Sat, 14 Aug 2021 20:43:34 +0000 (22:43 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sun, 15 Aug 2021 14:55:03 +0000 (16:55 +0200)
commit0eebfba38888209313837bc81a22a4b3bf11ada4
tree0f87ac2816285fd81fe5d39522419d8cc6c3b73dtree
parentd02d60071d7cd31261d480adfe83d1fd7816d0e6commit | diff
package/gd: fix CVE-2021-38115

read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD)
through 2.3.2 allows remote attackers to cause a denial of service
(out-of-bounds read) via a crafted TGA file.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/gd/0001-fix-read-out-of-bands-in-reading-tga-header-file.patch [new file with mode: 0644] blob
package/gd/gd.mk diff | blob | history