projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 419743d) | patch
package/lldpd: security bump to version 1.0.9
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Fri, 2 Apr 2021 19:52:52 +0000 (21:52 +0200)
committerYann E. MORIN <yann.morin.1998@free.fr>
Sat, 3 Apr 2021 07:07:27 +0000 (09:07 +0200)
commit5522b7526be9a81e7b44ed0ec603e05d8435381d
treecaabb249aa84bbf1df2ad81c47cb104a0daf36a8tree
parent419743daecccbc68b76b243cf1882480f20028a9commit | diff
package/lldpd: security bump to version 1.0.9

- Out-of-bound read access when parsing LLDP-MED civic address in
  liblldpctl for malformed fields.
- Fix memory leak when receiving LLDPU with duplicate fields.
  CVE-2020-27827.
- More memory leak fixes on duplicate TLVs in LLDP, CDP and EDP
  (related to CVE-2020-27827).

https://github.com/lldpd/lldpd/blob/1.0.9/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
package/lldpd/lldpd.hash diff | blob | history
package/lldpd/lldpd.mk diff | blob | history