[Buildroot] [PATCH] package/screen: add security fix for CVE-2021-26937

Peter Korsgaard peter at korsgaard.com
Tue Mar 9 22:59:21 UTC 2021

>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a
 > denial of service (invalid write access and application crash) or possibly
 > have unspecified other impact via a crafted UTF-8 character sequence.

 > For more details, see the oss-security discussion:
 > https://www.openwall.com/lists/oss-security/2021/02/09/3

 > So far no fix has been added to upstream git, and a number of early proposed
 > fixes caused regressions, so pull the security fix from the screen 4.8.0-5
 > Debian package.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2020.02.x and 2020.11.x, thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list