-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi,
could you please help me to determine if U-Boot was or still is vulnerable to CVE-2014-4607? The project uses LZO decompression in lib/lzo/lzo1x_decompress.c I found the following applied patch set http://lists.denx.de/pipermail/u-boot/2014-December/197547.html but I am not sure. Thanks for any help! - -- Regards, Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0 iQJ8BAEBCgBmBQJYNLCXXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzM0M1ODQ4MkM0MDIyOTJEMkUzQzVDMDY5 NzA5RjkwQzNDOTZGRkM4AAoJEJcJ+Qw8lv/IWjEP/0sl5PHukqI+aKhDtVripPU5 67QUsepFnzPTXWmaz4a4ZVYngnSaxSbrn7l12BBr5KA3h9ffkvMpP7OWy2C7+MVO +eTOzDzMjGk5G3XLkSu3O7nnK2qqwNaoM4S+jZGrttpNXWmEVfHu3/K9vonM7WvQ B/HDf/FpAl400HWQtbCw2uz84/J8ApHjLalhPgUxS0EF5ndhmYZGaeoioaYMXXcK 2KNbS2eydBneDuoyQJAjveDqwhRVNhqKNaBZFFq1cKVBpAVVWJy1yyQFSMwYp8st /mLzFJ+3zBULrMbgoLGbgk5A9GGWVEMt1Z+OPhjExJDAe/zFfzr0BcdP9z5895nN E9TfBicVTIDNlXm4T9LVa992dJKyKD599ziU8sMsL4c7SU7G0bJp+1I1IP/LaMGZ TZ6Jcvoq/bIdfMoiY6RYjLJy1R48zwUC3BfIOz7UjhJX3WRObMXaNX9LCyih5TP3 FJVy1UB3w0zDQ53LZTvsJghQlbkEwHUaLA9ePjlnugeS5oLrtnrDR+jQYsvifRCB QMYkFloNUjNBuOIe/gTrNzfZCwk8M2zGB4efYPhVBnWUdH/fiETGC8PdzwL54uQk lvXuBWGprQXHqdjwMUblDUm3CucAFsB38y31ax3D062UySB2KO5xfb48pxe0inZX /WuG9EAxfcK7PzQYcOVw =fgWw -----END PGP SIGNATURE----- _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot