augeas: security bump to version 1.8.1 - buildroot

diff options

author	Jörg Krause <joerg.krause@embedded.rocks>	2017-09-20 15:09:31 +0200
committer	Peter Korsgaard <peter@korsgaard.com>	2017-09-20 19:20:48 +0200
commit	74ac045c80893177fc7a8b3672245bb9ab132773 (patch)
tree	7f931d26f39f339443d63c21d4b6b9ad793fa6bc /package/lcdproc/0001-Add-missing-ioctl-header.patch
parent	f1e499b778c0d114e9c88276d6ab5ea80c1384a7 (diff)
download	buildroot-74ac045c80893177fc7a8b3672245bb9ab132773.tar.gz buildroot-74ac045c80893177fc7a8b3672245bb9ab132773.zip

augeas: security bump to version 1.8.1

Fixes CVE-2017-7555 - Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution. [Peter: extend description] Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Diffstat (limited to 'package/lcdproc/0001-Add-missing-ioctl-header.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: