projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f9fd193) | patch
package/file: security bump to version 5.36
authorBaruch Siach <baruch@tkos.co.il>
Tue, 12 Mar 2019 12:12:30 +0000 (14:12 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 12 Mar 2019 15:16:34 +0000 (16:16 +0100)
commit14d6e6df7bcfd7d46811a812610ec87b0b249088
tree7ae52ab62d5f7341addee0be2e0caaab505cda20tree
parentf9fd1931410ec7f68e0f310efb9c5f616bb73ea8commit | diff
package/file: security bump to version 5.36

CVE-2019-8906: do_core_note in readelf.c in libmagic.a in file 5.35 has
an out-of-bounds read because memcpy is misused.

CVE-2019-8904: do_bid_note in readelf.c in libmagic.a in file 5.35 has a
stack-based buffer over-read, related to file_printf and file_vprintf.

Update license files hashes; removal of trailing white spaces.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/file/file.hash diff | blob | history
package/file/file.mk diff | blob | history