[Buildroot] [PATCH 1/1] package/e2fsprogs: security bump to version 1.45.5

Peter Korsgaard peter at korsgaard.com
Wed Feb 5 19:37:24 UTC 2020

>>>>> "Titouan" == Titouan Christophe <titouan.christophe at railnova.eu> writes:

 > This fixes CVE-2019-5188:
 > A code execution vulnerability exists in the directory rehashing
 > functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4
 > directory can cause an out-of-bounds write on the stack, resulting
 > in code execution. An attacker can corrupt a partition to trigger
 > this vulnerability.

 > Also change the hash file to the new spacing convention introduced
 > by Yann E. Morin.

 > Signed-off-by: Titouan Christophe <titouan.christophe at railnova.eu>

Committed, thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list