subject:"Re\: \[PATCH\] Update to minilzo\-2.08"

Re: [PATCH] Update to minilzo-2.08

2019-10-22 Thread Javier Martinez Canillas

Hello Daniel, On 10/21/19 4:48 PM, Daniel Kiper wrote: > On Fri, Oct 18, 2019 at 02:45:13PM +0200, Javier Martinez Canillas wrote: >> From: Peter Jones >> >> This fixes CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow >> >> Resolves: http://savannah.gnu.org/bugs/?42635 > > OK but I

Re: [PATCH] Update to minilzo-2.08

2019-10-21 Thread Daniel Kiper

On Fri, Oct 18, 2019 at 02:45:13PM +0200, Javier Martinez Canillas wrote: > From: Peter Jones > > This fixes CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow > > Resolves: http://savannah.gnu.org/bugs/?42635 OK but I would like to know how did you come up with that patch. Please desc