[Buildroot] [PATCH] file: add upstream security fix

Peter Korsgaard peter at korsgaard.com
Tue Jul 17 07:26:54 UTC 2018


>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:

 > Fixes CVE-2018-10360: The do_core_note function in readelf.c in
 > libmagic.a in file 5.33 allows remote attackers to cause a denial of
 > service (out-of-bounds read and application crash) via a crafted ELF
 > file.

 > Signed-off-by: Baruch Siach <baruch at tkos.co.il>

Committed to 2018.05.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list