Re: [OE-core] [poky][master][PATCH] bzip2: Fix CVE-2019-12900

Ross Burton Wed, 15 Jan 2020 08:31:11 -0800

On 15/01/2020 15:47, Saloni Jain wrote:

From: Sana Kazi <sana.k...@kpit.com>


Added patch for CVE-2019-12900 as backport from upstream.
Fixes out of bound access discovered while fuzzying karchive.

Tested by: sana.k...@kpit.com

Signed-off-by: Saloni Jain <saloni.j...@kpit.com>

Need a S-o-b in the patch itself alongside a CVE tag, but also why not abackport for Warrior and Thud?


Ross

--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [poky][master][PATCH] bzip2: Fix CVE-2019-12900

Reply via email to