[Buildroot] [PATCH 1/1] package/uboot-tools: security bump to version 2021.04
Peter Korsgaard
peter at korsgaard.com
Mon Apr 26 17:55:57 UTC 2021
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> Le lun. 26 avr. 2021 à 14:37, Peter Korsgaard <peter at korsgaard.com> a écrit :
>>
>> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
>>
>> > - Fix CVE-2021-27097: The boot loader in Das U-Boot before 2021.04-rc2
>> > mishandles a modified FIT.
>> > - Fix CVE-2021-27138: The boot loader in Das U-Boot before 2021.04-rc2
>> > mishandles use of unit addresses in a FIT.
>>
>> Are these really bugs in uboot-tools, E.G. the (host-side) tools and not
>> in u-boot itself?
> Indeed, these CVEs are affecting uboot and not uboot-tools.
Ok, thanks.
I BTW noticed quite some build errors in uboot-tools since the bump:
http://autobuild.buildroot.net/?reason=host-uboot-tools-2021.04
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list