git.libre-soc.org Git - buildroot.git/commit

author	Gustavo Zacarias <gustavo@zacarias.com.ar>
	Thu, 3 Mar 2016 12:58:05 +0000 (09:58 -0300)
committer	Peter Korsgaard <peter@korsgaard.com>
	Thu, 3 Mar 2016 14:05:59 +0000 (15:05 +0100)
commit	527b7b1153c37ad081d7d31cf5280995b09e0005
tree	c7026a7981b4484b4d92fde218fdf08d38f03287	tree
parent	89ffdd42e2adffe3e1ccdb43a379332b2f8140bc	commit \| diff

cpio: add security patch to fix CVE-2016-2037

Fixes:
CVE-2016-2037 - The cpio_safer_name_suffix function in util.c in cpio
2.11 allows remote attackers to cause a denial of service (out-of-bounds
write) via a crafted cpio file.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/cpio/0001-fix-CVE-2016-2037.patch

[new file with mode: 0644]

blob

RSS Atom