[OE-core] [PATCH 0/3] libvorbis security fixes
Tanu Kaskinen
tanuk at iki.fi
Tue Mar 20 08:50:21 UTC 2018
libvorbis 1.3.6 was recently released, and contains fixes for some CVEs.
Since the deadline for version upgrades is past, I'm only submitting the
CVE fixes.
Tanu Kaskinen (3):
libvorbis: CVE-2017-14633
libvorbis: CVE-2017-14632
libvorbis: CVE-2018-5146
.../libvorbis/libvorbis/CVE-2017-14632.patch | 62 +++++++++++++
.../libvorbis/libvorbis/CVE-2017-14633.patch | 42 +++++++++
.../libvorbis/libvorbis/CVE-2018-5146.patch | 100 +++++++++++++++++++++
.../libvorbis/libvorbis_1.3.5.bb | 3 +
4 files changed, 207 insertions(+)
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14632.patch
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14633.patch
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-5146.patch
--
2.16.2
More information about the Openembedded-core
mailing list