[Buildroot] [PATCH] gst1-plugins-bad: add upstream patch to fix security issue in vmnc decoder

Peter Korsgaard peter at korsgaard.com
Mon Nov 28 22:44:53 UTC 2016


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > As detailed by Chris Evans, the vmnc decoder contains an integer overflow which
 > can be exploited:

 > https://scarybeastsecurity.blogspot.be/2016/11/0day-poc-risky-design-decisions-in.html

 > Fixes CVE-2016-9445 and CVE-2016-9446.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list