unrar: security bump to version 5.5.8 - buildroot

diff options

author	Peter Korsgaard <peter@korsgaard.com>	2017-09-07 18:58:38 +0200
committer	Peter Korsgaard <peter@korsgaard.com>	2017-09-08 11:15:08 +0200
commit	322599744ca76d6b69960dc37c3cf3baea5dab2c (patch)
tree	8777011a0d81672e8f324645cb5cd64e24f9988f /package/qt/0013-src-corelib-arch-qatomic_arm.h-fix-build-on-ARMv8-32.patch
parent	2a59db1bb079dfd7cb40ffff7ac1cd550ff6662e (diff)
download	buildroot-322599744ca76d6b69960dc37c3cf3baea5dab2c.tar.gz buildroot-322599744ca76d6b69960dc37c3cf3baea5dab2c.zip

unrar: security bump to version 5.5.8

Fixes the following security issues: CVE-2017-12938 - UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file. CVE-2017-12940 - libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. CVE-2017-12941 - libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. CVE-2017-12942 - libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. For more details, see http://www.openwall.com/lists/oss-security/2017/08/14/3 While we're at it, add a hash for the license file. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Diffstat (limited to 'package/qt/0013-src-corelib-arch-qatomic_arm.h-fix-build-on-ARMv8-32.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: