[OE-core] [poky][master][PATCH] bzip2: Fix CVE-2019-12900

Ross Burton ross.burton at intel.com
Wed Jan 15 16:30:48 UTC 2020

On 15/01/2020 15:47, Saloni Jain wrote:
> From: Sana Kazi <Sana.Kazi at kpit.com>
> Added patch for CVE-2019-12900 as backport from upstream.
> Fixes out of bound access discovered while fuzzying karchive.
> Tested by: Sana.Kazi at kpit.com
> Signed-off-by: Saloni Jain <Saloni.Jain at kpit.com>

Need a S-o-b in the patch itself alongside a CVE tag, but also why not a 
backport for Warrior and Thud?


More information about the Openembedded-core mailing list