package/ntfs-3g: add upstream security fix for CVE-2019-9755
Fixes CVE-2019-9755: An integer underflow issue exists in ntfs-3g 2017.3.23.
A local attacker could potentially exploit this by running /bin/ntfs-3g with
specially crafted arguments from a specially crafted directory to cause a
heap buffer overflow, resulting in a crash or the ability to execute
arbitrary code. In installations where /bin/ntfs-3g is a setuid-root
binary, this could lead to a local escalation of privileges.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
projects / buildroot.git / commit