[oe-commits] Roy Li : unzip: fix four CVE defects
git at git.openembedded.org
git at git.openembedded.org
Tue Jul 21 11:22:46 UTC 2015
Module: openembedded-core.git
Branch: dizzy
Commit: 429ab46f975c05f65120beddf50099c7cb0b2f86
URL: http://git.openembedded.org/?p=openembedded-core.git&a=commit;h=429ab46f975c05f65120beddf50099c7cb0b2f86
Author: Roy Li <rongqing.li at windriver.com>
Date: Tue Jun 23 13:32:06 2015 +0800
unzip: fix four CVE defects
Port four patches from unzip_6.0-8+deb7u2.debian.tar.gz to fix:
cve-2014-8139
cve-2014-8140
cve-2014-8141
cve-2014-9636
Signed-off-by: Roy Li <rongqing.li at windriver.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
.../unzip/09-cve-2014-8139-crc-overflow.patch | 52 ++++++++
.../unzip/10-cve-2014-8140-test-compr-eb.patch | 33 +++++
.../unzip/11-cve-2014-8141-getzip64data.patch | 144 +++++++++++++++++++++
.../unzip/12-cve-2014-9636-test-compr-eb.patch | 45 +++++++
meta/recipes-extended/unzip/unzip_6.0.bb | 4 +
5 files changed, 278 insertions(+)
Diff: http://git.openembedded.org/?p=openembedded-core.git/?a=commitdiff;h=429ab46f975c05f65120beddf50099c7cb0b2f86
More information about the Openembedded-commits
mailing list