projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7540fbe) | patch
package/tmux: add upstream security fix for CVE-2020-27347
authorPeter Korsgaard <peter@korsgaard.com>
Thu, 12 Nov 2020 09:21:45 +0000 (10:21 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Thu, 12 Nov 2020 20:49:21 +0000 (21:49 +0100)
commit7e0f81a9f65b57c0228466b7f59d222f2011e4d0
treeb607643fbcdb41e950caf316e242bc9693be5acatree
parent7540fbe877d48d75113338430ce3304a00a82cb1commit | diff
package/tmux: add upstream security fix for CVE-2020-27347

Fixes CVE-2020-27347: The function input_csi_dispatch_sgr_colon() in file
input.c contained a stack-based buffer-overflow that can be exploited by
terminal output.

For details, see:
https://www.openwall.com/lists/oss-security/2020/11/05/3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/tmux/0001-Do-not-write-after-the-end-of-the-array-and-overwrit.patch [new file with mode: 0644] blob
package/tmux/tmux.mk diff | blob | history