projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b473ad2) | patch
package/raptor: fix CVE-2017-18926
authorPeter Korsgaard <peter@korsgaard.com>
Sat, 21 Nov 2020 12:44:47 +0000 (13:44 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Sun, 22 Nov 2020 14:31:36 +0000 (15:31 +0100)
commit8a683a54cc9b4adb4ad527e7d5efdf1808ba4163
treea17bb351f43355eace9c00c68c76b27dd7ad4b80tree
parentb473ad2ec2d2d2cf981d7ec3a11d548d33d8a2cbcommit | diff
package/raptor: fix CVE-2017-18926

raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF
Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the
XML writer, leading to heap-based buffer overflows (sometimes seen in
raptor_qname_format_as_xml).

For more details, see the oss-security discussion:
https://www.openwall.com/lists/oss-security/2020/11/13/1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/raptor/0002-Calcualte-max-nspace-declarations-correctly-for-XML-.patch [new file with mode: 0644] blob
package/raptor/raptor.mk diff | blob | history