5dbebf3d35095e26463bbb0fddebf906454a685c - buildroot

commit	5dbebf3d35095e26463bbb0fddebf906454a685c	[log] [tgz]
author	Fabrice Fontaine <fontaine.fabrice@gmail.com>	Thu Oct 15 19:02:53 2020 +0200
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>	Thu Oct 15 22:29:25 2020 +0200
tree	fb10f639f5cc9f10d79021b56cb958eebe3c4244
parent	dfda62d326d9fe77dc46429a398824b3405d042e [diff]

package/oniguruma: fix CVE-2020-26159

Fix CVE-2020-26159: In Oniguruma 6.9.5_rev1, an attacker able to supply
a regular expression for compilation may be able to overflow a buffer by
one byte in concat_opt_exact_str in src/regcomp.c.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/oniguruma/0001-207-Out-of-bounds-write.patch[Added - diff]
package/oniguruma/oniguruma.mk[diff]

2 files changed

tree: fb10f639f5cc9f10d79021b56cb958eebe3c4244

arch/
board/
boot/
configs/
docs/
fs/
linux/
package/
support/
system/
toolchain/
utils/
.defconfig
.flake8
.gitignore
.gitlab-ci.yml
CHANGES
Config.in
Config.in.legacy
COPYING
DEVELOPERS
Makefile
Makefile.legacy
README