CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-04 16:10:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

libbsd: Security fix and update 0.8.2

Browse Source 
This update includes:
CVE-2016-2090 Heap buffer overflow in fgetwln function of libbsd

libbsd 0.8.1 and earlier contains a buffer overflow in the function
fgetwln(). An if checks if it is necessary to reallocate memory in the
target buffer. However this check is off by one, therefore an out of
bounds write happens.

Upstream has released version 0.8.2 to fix this.

(From OE-Core rev: 29053ff82bf28da45eef9d7e85d6d3ce7060daf6)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Armin Kuster 2016-02-10 14:18:24 -08:00 committed by Richard Purdie
parent 78be954e90
commit 72c6b6257f
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
meta/recipes-support/libbsd/libbsd_0.8.1.bb → meta/recipes-support/libbsd/libbsd_0.8.2.bb
View File

@ -37,7 +37,7 @@ SRC_URI = " \
http://libbsd.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
"
SRC_URI[md5sum] = "f3daff0283af6e30f25d68be2deac4ef"
SRC_URI[sha256sum] = "adbc8781ad720bce939b689f38a9f0247732a36792147a7c28027c393c2af9b0"
SRC_URI[md5sum] = "cdee252ccff978b50ad2336278c506c9"
SRC_URI[sha256sum] = "b2f644cae94a6e2fe109449c20ad79a0f6ee4faec2205b07eefa0020565e250a"
inherit autotools pkgconfig