commit | 09caefda2a8aac8ea4dd3744791621a1c8321dab | [log] [tgz] |
---|---|---|
author | Peter Korsgaard <peter@korsgaard.com> | Fri Nov 20 18:46:32 2020 +0100 |
committer | Peter Korsgaard <peter@korsgaard.com> | Sun Nov 22 15:27:12 2020 +0100 |
tree | ff8517c5619626239c2222d173ef9bdfdb4caa63 | |
parent | c4ea32d0061585a41ef724124b82be337442ce2a [diff] |
package/musl: add upstream security fix for CVE-2020-28928 The wcsnrtombs function has been found to have multiple bugs in handling of destination buffer size when limiting the input character count, which can lead to infinite loop with no forward progress (no overflow) or writing past the end of the destination buffer. For more details, see the advisory: https://www.openwall.com/lists/oss-security/2020/11/20/4 Signed-off-by: Peter Korsgaard <peter@korsgaard.com>