[Buildroot] [PATCH] libarchive: security bump to version 3.3.3

Peter Korsgaard peter at korsgaard.com
Sat Oct 20 12:18:16 UTC 2018


>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:

 > Fixes CVE-2017-14501: An out-of-bounds read flaw exists in
 > parse_file_info in archive_read_support_format_iso9660.c in libarchive
 > 3.3.2 when extracting a specially crafted iso9660 iso file, related to
 > archive_read_format_iso9660_read_header.

 > Drop upstream patches.

 > Use upstream provided tarball hash.

 > Signed-off-by: Baruch Siach <baruch at tkos.co.il>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list