projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eae15d6) | patch
package/nginx: add upstream CVE-2021-23017 security fix
authorPeter Korsgaard <peter@korsgaard.com>
Fri, 28 May 2021 09:23:13 +0000 (11:23 +0200)
committerYann E. MORIN <yann.morin.1998@free.fr>
Fri, 28 May 2021 12:36:39 +0000 (14:36 +0200)
commitab9ceea782c770acdb9a25d8601b12af261c8ccb
tree69778951abe3f9a5c11c8f137174f2dbc15c4a0ftree
parenteae15d62c6a857f43d6f21af9a30f38994b3efc5commit | diff
package/nginx: add upstream CVE-2021-23017 security fix

Fixes the following vulnerability:

- CVE-2021-23017: 1-byte memory overwrite in resolver

For more details, see the advisories:
https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
https://www.openwall.com/lists/oss-security/2021/05/25/5

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: annotate the patch, that it is a backport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
package/nginx/0010-Resolver-fixed-off-by-one-write-in-ngx_resolver_copy.patch [new file with mode: 0644] blob
package/nginx/nginx.mk diff | blob | history