projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ce978e0) | patch
package/upx: fix CVE-2021-20285
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Wed, 31 Mar 2021 21:32:47 +0000 (23:32 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Sun, 4 Apr 2021 10:27:31 +0000 (12:27 +0200)
commit92a6db4fc686b6dd19577f737ceb5e46b82c92c7
tree15a296d2d855a089dea163e9f3fb7727946e4b44tree
parentce978e0a671995c659b25b4e6441234e5c7a7a0ccommit | diff
package/upx: fix CVE-2021-20285

A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw
allows attackers to cause a denial of service (SEGV or buffer overflow
and application crash) or possibly have unspecified other impacts via a
crafted ELF. The highest threat from this vulnerability is to system
availability.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/upx/0001-Check-DT_REL-DT_RELA-DT_RELSZ-DT_RELASZ.patch [new file with mode: 0644] blob
package/upx/upx.mk diff | blob | history