projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7c384c3) | patch
busybox: add upstream security fixes
authorBaruch Siach <baruch@tkos.co.il>
Tue, 13 Feb 2018 16:51:41 +0000 (18:51 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Tue, 13 Feb 2018 21:05:12 +0000 (22:05 +0100)
commit6665360b6dc9fce02381f20a3e0088974538b19f
tree7da2637831dd8c39a551b52d89cd25ca037b4167tree
parent7c384c3b0f292413c3364f5113b340e22efa76f4commit | diff
busybox: add upstream security fixes

CVE-2017-15873: Integer overflow in decompress_bunzip2.c leads to a read
access violation

CVE-2017-15874: Integer overflow in decompress_unlzma.c leads to a read
access violation

Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/busybox/0006-bunzip2-fix-runCnt-overflow-from-bug-10431.patch [new file with mode: 0644] blob
package/busybox/0007-unlzma-fix-SEGV-closes-10436.patch [new file with mode: 0644] blob