[Buildroot] [PATCH] libksba: security bump to version 1.3.3
Thomas Petazzoni
thomas.petazzoni at free-electrons.com
Tue Apr 14 08:07:59 UTC 2015
Dear Gustavo Zacarias,
On Mon, 13 Apr 2015 18:17:56 -0300, Gustavo Zacarias wrote:
> Fixes (no CVEs assigned yet):
>
> * integer overflow in the DN decoder src/dn.c (append_quoted,
> append_atv)
>
> * integer overflow in the BER decoder src/ber-decoder.c (ber_decoder_s)
>
> * denial of service due to stack overflow in src/ber-decoder.c
> (push_decoder_state, pop_decoder_state)
>
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
> ---
> package/libksba/libksba.hash | 4 ++--
> package/libksba/libksba.mk | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
Applied, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
More information about the buildroot
mailing list