[OE-core] [poky][master][PATCH] bzip2: Fix CVE-2019-12900
Ross Burton
ross.burton at intel.com
Wed Jan 15 16:30:48 UTC 2020
On 15/01/2020 15:47, Saloni Jain wrote:
> From: Sana Kazi <Sana.Kazi at kpit.com>
>
> Added patch for CVE-2019-12900 as backport from upstream.
> Fixes out of bound access discovered while fuzzying karchive.
>
> Tested by: Sana.Kazi at kpit.com
>
> Signed-off-by: Saloni Jain <Saloni.Jain at kpit.com>
Need a S-o-b in the patch itself alongside a CVE tag, but also why not a
backport for Warrior and Thud?
Ross
More information about the Openembedded-core
mailing list