projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 69b5125) | patch
package/lz4: annotate CVE-2014-4715
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Sat, 28 Mar 2020 09:51:38 +0000 (10:51 +0100)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sat, 28 Mar 2020 13:53:50 +0000 (14:53 +0100)
commit45db4bb08e3e550db483d8745fe8aaede2fa7e98
treef0bd6ade078f28fa016baf0593d2c04439311472tree
parent69b51259a2cccbbeff106b7d3536832ab999c0f1commit | diff
package/lz4: annotate CVE-2014-4715

CVE-2014-4715 is misclassified (by our CVE tracker) as affecting
version 1.9.2, while in fact this issue has been fixed since lz4-r130:
https://github.com/lz4/lz4/commit/140e6e72ddb6fc5f7cd28ce0c8ec3812ef4a9c08

See https://github.com/lz4/lz4/issues/818

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/lz4/lz4.mk diff | blob | history