projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1d64fe9) | patch
package/mupdf: fix CVE-2021-37220
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Thu, 5 Aug 2021 09:22:26 +0000 (11:22 +0200)
committerArnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Thu, 5 Aug 2021 19:09:00 +0000 (21:09 +0200)
commit69143ccce0e6def08e10460b4d2ad68e8aa07062
tree32d0b626830f32bdd3c33801e7438b04c92c2c71tree
parent1d64fe9d58e5d34795afc15d84b961c93ed8f3c1commit | diff
package/mupdf: fix CVE-2021-37220

MuPDF through 1.18.1 has an out-of-bounds write because the cached color
converter does not properly consider the maximum key size of a hash
table. This can, for example, be seen with crafted "mutool draw" input.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
package/mupdf/0003-Bug-703791-Stay-within-hash-table-max-key-size-in-cached-color-converter.patch [new file with mode: 0644] blob
package/mupdf/mupdf.mk diff | blob | history