[Buildroot] [PATCH 1/1] package/giflib: security bump to version 5.2.1
Peter Korsgaard
peter at korsgaard.com
Mon Aug 19 20:57:14 UTC 2019
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
Hi,
>> I must say this is quite big of a change for master at this point, and
>> for a security bump in general. I'm not sure between applying this, or
>> just cherry-picking the two commits that fix the CVEs.
> Cherry-picking the two commits for master is probably better.
> The CVE-2019-15133 can be retrieved here:
> https://sourceforge.net/p/giflib/code/ci/799eb6a3af8a3dd81e2429bf11a72a57e541f908
> The CVE-2018-11490 can be retrieved here:
> https://sourceforge.net/p/giflib/code/ci/08438a5098f3bb1de23a29334af55eba663f75bd
Agreed, care to send such a patch?
Thanks!
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list