]> rtime.felk.cvut.cz Git - coffee/buildroot.git/commit
projects / coffee / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 12262ab) | patch
tremor: security bump to fix CVE-2018-5146
authorPeter Korsgaard <peter@korsgaard.com>
Mon, 19 Mar 2018 21:40:05 +0000 (22:40 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 20 Mar 2018 07:33:48 +0000 (08:33 +0100)
commit80266c95052024381898cada4c51d44207fddd80
treedc67d9d3e85ab4565de757ffce7488585fa0ca4etree | snapshot
parent12262ab50d6968189adcdfb64dffe75191f11187commit | diff
tremor: security bump to fix CVE-2018-5146

Prevent out-of-bounds write in codebook decoding.

Codebooks that are not an exact divisor of the partition size are now
truncated to fit within the partition.

Upstream has migrated from subversion to git, so change to git and bump the
version to include the fix for CVE-2018-5146.

While we're at it, also add a hash file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/tremor/tremor.hash [new file with mode: 0644] blob
package/tremor/tremor.mk diff | blob | history