8a683a54cc9b4adb4ad527e7d5efdf1808ba4163 - buildroot

commit	8a683a54cc9b4adb4ad527e7d5efdf1808ba4163	[log] [tgz]
author	Peter Korsgaard <peter@korsgaard.com>	Sat Nov 21 13:44:47 2020 +0100
committer	Peter Korsgaard <peter@korsgaard.com>	Sun Nov 22 15:31:36 2020 +0100
tree	a17bb351f43355eace9c00c68c76b27dd7ad4b80
parent	b473ad2ec2d2d2cf981d7ec3a11d548d33d8a2cb [diff]

package/raptor: fix CVE-2017-18926

raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF
Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the
XML writer, leading to heap-based buffer overflows (sometimes seen in
raptor_qname_format_as_xml).

For more details, see the oss-security discussion:
https://www.openwall.com/lists/oss-security/2020/11/13/1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/raptor/0002-Calcualte-max-nspace-declarations-correctly-for-XML-.patch[Added - diff]
package/raptor/raptor.mk[diff]

2 files changed

tree: a17bb351f43355eace9c00c68c76b27dd7ad4b80

arch/
board/
boot/
configs/
docs/
fs/
linux/
package/
support/
system/
toolchain/
utils/
.defconfig
.flake8
.gitignore
.gitlab-ci.yml
CHANGES
Config.in
Config.in.legacy
COPYING
DEVELOPERS
Makefile
Makefile.legacy
README