diff options
| author |   wangmy <wangmy@fujitsu.com> | 2021-08-19 10:30:47 +0800 |
|---|---|---|
| committer |   Khem Raj <raj.khem@gmail.com> | 2021-08-20 09:26:18 -0700 |
| commit | e9b63bece7eadfb42bb1e3b3460975e2849a822b (patch) | |
| tree | 7cb099314e981817362d0bcf5cb00706dd8095e3 | |
| parent | 36066f34e81fabf9d93e62eac851097c111427a8 (diff) | |
| download | meta-openembedded-contrib-e9b63bece7eadfb42bb1e3b3460975e2849a822b.tar.gz | |
fetchmail: upgrade 6.4.20 -> 6.4.21
* The new security fix in 6.4.20 for CVE-2021-36386 caused truncation of
messages logged to buffered outputs, predominantly --logfile.
This also caused lines in the logfile to run into one another because
the fragment containing the '\n' line-end character was usually lost.
Reason is that on all modern systems (with <stdarg.h> header and vsnprintf()
interface), the length of log message fragments was added up twice, so
that these ended too deep into a freshly allocated buffer, after the '\0'
byte. Unbuffered outputs flushed the fragments right away, which masked the
bug.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
| -rw-r--r-- | meta-networking/recipes-support/fetchmail/fetchmail_6.4.21.bb (renamed from meta-networking/recipes-support/fetchmail/fetchmail_6.4.20.bb) | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-networking/recipes-support/fetchmail/fetchmail_6.4.20.bb b/meta-networking/recipes-support/fetchmail/fetchmail_6.4.21.bb index 13d91b4d52..33a05ed61a 100644 --- a/meta-networking/recipes-support/fetchmail/fetchmail_6.4.20.bb +++ b/meta-networking/recipes-support/fetchmail/fetchmail_6.4.21.bb @@ -12,7 +12,7 @@ DEPENDS = "openssl" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "c82141ae2e8f0039ceb0c5c2eda43c5e93ad0bf7f9c6bb628092b3be74386176" +SRC_URI[sha256sum] = "6a459c1cafd7a1daa5cd137140da60c18c84b5699cd8e7249a79c33342c99d1d" inherit autotools gettext python3-dir python3native |