projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0774dec) | patch
package/netatalk: security bump to version 3.1.23
authorPeter Korsgaard <peter@korsgaard.com>
Fri, 21 Dec 2018 12:56:59 +0000 (13:56 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Fri, 21 Dec 2018 14:40:29 +0000 (15:40 +0100)
commit8aaf05916c20d1fe3fafd424fdcd77726de140c4
tree7821dbf6950b7ebe98e44dc0193db0b30efb6b77tree
parent0774dec62a39f75d5e6f9ee7c43a658e9f9ef1fecommit | diff
package/netatalk: security bump to version 3.1.23

Fixes CVE-2018-1160: Netatalk before 3.1.12 is vulnerable to an out of
bounds write in dsi_opensess.c.  This is due to lack of bounds checking on
attacker controlled data.  A remote unauthenticated attacker can leverage
this vulnerability to achieve arbitrary code execution.

For more details, see the release notes:
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/netatalk/netatalk.hash diff | blob | history
package/netatalk/netatalk.mk diff | blob | history