[Buildroot] [PATCH 1/1] package/uboot-tools: security bump to version 2021.04

Fabrice Fontaine fontaine.fabrice at gmail.com
Mon Apr 26 17:57:47 UTC 2021


Le lun. 26 avr. 2021 à 19:56, Peter Korsgaard <peter at korsgaard.com> a écrit :
>
> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
>
>  > Le lun. 26 avr. 2021 à 14:37, Peter Korsgaard <peter at korsgaard.com> a écrit :
>  >>
>  >> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
>  >>
>  >> > - Fix CVE-2021-27097: The boot loader in Das U-Boot before 2021.04-rc2
>  >> >   mishandles a modified FIT.
>  >> > - Fix CVE-2021-27138: The boot loader in Das U-Boot before 2021.04-rc2
>  >> >   mishandles use of unit addresses in a FIT.
>  >>
>  >> Are these really bugs in uboot-tools, E.G. the (host-side) tools and not
>  >> in u-boot itself?
>  > Indeed, these CVEs are affecting uboot and not uboot-tools.
>
> Ok, thanks.
>
> I BTW noticed quite some build errors in uboot-tools since the bump:
>
> http://autobuild.buildroot.net/?reason=host-uboot-tools-2021.04
Indeed, should be fixed by
https://git.buildroot.net/buildroot/commit/?id=a8eef7d2e62aba92fbab3906862c6422410c8677
>
> --
> Bye, Peter Korsgaard
Best Regards,

Fabrice


More information about the buildroot mailing list