Google Git
Sign in
android-kvm / buildroot / 46b07c8a87f354527d4173d873b6674d99e4fbab
commit46b07c8a87f354527d4173d873b6674d99e4fbab[log] [tgz]
authorBaruch Siach <baruch@tkos.co.il>Fri Sep 15 07:40:20 2017 +0300
committerPeter Korsgaard <peter@korsgaard.com>Sun Sep 24 21:36:09 2017 +0200
tree6b32755d6c939dd7a597aa1fb2e782f4c5d58fd3
parentbde9621d0f0c5d88f316ea0df9e125f73c88f2bb [diff]
libidn: add fix for CVE-2017-14062

Add upstream patch fixing CVE-2017-14062:

Integer overflow in the decode_digit function in puny_decode.c in
Libidn2 before 2.0.4 allows remote attackers to cause a denial of
service or possibly have unspecified other impact.

This issue also affects libidn.

Unfortunately, the patch also triggers reconf of the documentation
subdirectory, since lib/punycode.c is listed in GDOC_SRC that is defined
in doc/Makefile.am. Add autoreconf to handle that.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 49cb795f7965328ce7a57cbc3736b0fc03919fe7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2 files changed
tree: 6b32755d6c939dd7a597aa1fb2e782f4c5d58fd3
  1. arch/
  2. board/
  3. boot/
  4. configs/
  5. docs/
  6. fs/
  7. linux/
  8. package/
  9. support/
  10. system/
  11. toolchain/
  12. .defconfig
  13. .gitignore
  14. CHANGES
  15. Config.in
  16. Config.in.legacy
  17. COPYING
  18. DEVELOPERS
  19. Makefile
  20. Makefile.legacy
  21. README