libarchive: CVE-2017-14502 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Zhixiong Chi <zhixiong.chi@windriver.com>	2017-09-28 16:06:05 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-10-06 12:03:32 +0100
commit	0bedb69abff85cc07ad4a54eed41d15d0a38c080 (patch)
tree	a95a68a5afd49f5993602b90e092cff1f86e0fdc /meta/recipes-connectivity
parent	e1bbca2b6d2edbea0939cbeafe6e74c1d4c59a25 (diff)
download	openembedded-core-contrib-0bedb69abff85cc07ad4a54eed41d15d0a38c080.tar.gz

libarchive: CVE-2017-14502

read_header in archive_read_support_format_rar.c suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header. Backport the patch from https://github.com/libarchive/libarchive/commit commit 5562545b5562f6d12a4ef991fae158bf4ccf92b6 CVE: CVE-2017-14502 Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>

Diffstat (limited to 'meta/recipes-connectivity')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: