[Buildroot] [PATCH 1/1] package/uboot-tools: security bump to version 2021.04

Peter Korsgaard peter at korsgaard.com
Mon Apr 26 17:55:57 UTC 2021


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > Le lun. 26 avr. 2021 à 14:37, Peter Korsgaard <peter at korsgaard.com> a écrit :
 >> 
 >> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
 >> 
 >> > - Fix CVE-2021-27097: The boot loader in Das U-Boot before 2021.04-rc2
 >> >   mishandles a modified FIT.
 >> > - Fix CVE-2021-27138: The boot loader in Das U-Boot before 2021.04-rc2
 >> >   mishandles use of unit addresses in a FIT.
 >> 
 >> Are these really bugs in uboot-tools, E.G. the (host-side) tools and not
 >> in u-boot itself?
 > Indeed, these CVEs are affecting uboot and not uboot-tools.

Ok, thanks.

I BTW noticed quite some build errors in uboot-tools since the bump:

http://autobuild.buildroot.net/?reason=host-uboot-tools-2021.04

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list