projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: be43be0) | patch
libarchive: security bump to version 3.3.3
authorBaruch Siach <baruch@tkos.co.il>
Fri, 19 Oct 2018 05:20:05 +0000 (08:20 +0300)
committerPeter Korsgaard <peter@korsgaard.com>
Sat, 20 Oct 2018 12:17:46 +0000 (14:17 +0200)
commit946f136fe174efc4560116940c93a84d456c7cfe
tree31d486d2d097be1858a57e1d1e18cc50c35e53fbtree
parentbe43be070f9bff3dbc7139b9a719749b46a9d8dbcommit | diff
libarchive: security bump to version 3.3.3

Fixes CVE-2017-14501: An out-of-bounds read flaw exists in
parse_file_info in archive_read_support_format_iso9660.c in libarchive
3.3.2 when extracting a specially crafted iso9660 iso file, related to
archive_read_format_iso9660_read_header.

Drop upstream patches.

Use upstream provided tarball hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/libarchive/0001-Do-something-sensible-for-empty-strings-to-make-fuzz.patch [deleted file] blob | history
package/libarchive/0002-iso9660-validate-directory-record-length.patch [deleted file] blob | history
package/libarchive/0003-Avoid-a-read-off-by-one-error-for-UTF16-names-in-RAR.patch [deleted file] blob | history
package/libarchive/0004-Reject-LHA-archive-entries-with-negative-size.patch [deleted file] blob | history
package/libarchive/libarchive.hash diff | blob | history
package/libarchive/libarchive.mk diff | blob | history