git.libre-soc.org Git - buildroot.git/commit

author	Baruch Siach <baruch@tkos.co.il>
	Fri, 22 Feb 2019 05:36:34 +0000 (07:36 +0200)
committer	Peter Korsgaard <peter@korsgaard.com>
	Fri, 22 Feb 2019 13:45:04 +0000 (14:45 +0100)
commit	872561cd5b35d0516338cd2530a4ac1236d3efb1
tree	b87cbcc5ecc0cbfb09301447363d9c5d581eaee4	tree
parent	51bb23652fbb5597d10cf2dc49948f9405c5619b	commit \| diff

package/unzip: add security and bug fix patches from Debian

Debian bug #741384: Buffer overflow

Debian bug #744212: Buffer overflow

CVE-2014-8139: CRC32 verification heap-based overflow

CVE-2014-8140: Out-of-bounds write issue in test_compr_eb()

CVE-2014-8141: Out-of-bounds read issues in getZip64Data()

CVE-2014-9636: Heap overflow

CVE-2015-7696: Heap overflow when extracting password-protected archive

CVE-2015-7697: Infinite loop when extracting password-protected archive

Red Hat Bugzilla #1260944: Unsigned overflow on invalid input

Debian bug #842993: Do not ignore Unix Timestamps

CVE-2014-9913: Buffer overflow

CVE-2016-9844: Buffer overflow in zipinfo

CVE-2018-1000035: Buffer overflow in password protected ZIP archives

Cc: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/unzip/unzip.hash		diff \| blob \| history
package/unzip/unzip.mk		diff \| blob \| history