commit | 5dbebf3d35095e26463bbb0fddebf906454a685c | [log] [tgz] |
---|---|---|
author | Fabrice Fontaine <fontaine.fabrice@gmail.com> | Thu Oct 15 19:02:53 2020 +0200 |
committer | Thomas Petazzoni <thomas.petazzoni@bootlin.com> | Thu Oct 15 22:29:25 2020 +0200 |
tree | fb10f639f5cc9f10d79021b56cb958eebe3c4244 | |
parent | dfda62d326d9fe77dc46429a398824b3405d042e [diff] |
package/oniguruma: fix CVE-2020-26159 Fix CVE-2020-26159: In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat_opt_exact_str in src/regcomp.c. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>