[Buildroot] [PATCH] package/musl: add upstream security fix for CVE-2020-28928
Peter Korsgaard
peter at korsgaard.com
Mon Dec 7 20:50:31 UTC 2020
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> The wcsnrtombs function has been found to have multiple bugs in handling of
> destination buffer size when limiting the input character count, which can
> lead to infinite loop with no forward progress (no overflow) or writing past
> the end of the destination buffer.
> For more details, see the advisory:
> https://www.openwall.com/lists/oss-security/2020/11/20/4
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2020.02.x and 2020.08.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list