generic-poky

History

yanjun.zhu bca7285d84 squashfs: fix for CVE-2012-4024 Reference:http://squashfs.git.sourceforge.net/git/gitweb.cgi?p= squashfs/squashfs;a=commit;h=19c38fba0be1ce949ab44310d7f49887576cc123 Fix potential stack overflow in get_component() where an individual pathname component in an extract file (specified on the command line or in an extract file) could exceed the 1024 byte sized targname allocated on the stack. Fix by dynamically allocating targname rather than storing it as a fixed size on the stack. [YOCTO #3513] (From OE-Core rev: 972ea6c674e10cf23bedbbc581b78baa3f7c7b9b) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2012-12-03 16:38:34 +00:00
..
patches	squashfs: fix for CVE-2012-4024	2012-12-03 16:38:34 +00:00
squashfs-tools_4.2.bb	squashfs: fix for CVE-2012-4024	2012-12-03 16:38:34 +00:00

yanjun.zhu bca7285d84 squashfs: fix for CVE-2012-4024

Reference:http://squashfs.git.sourceforge.net/git/gitweb.cgi?p=
squashfs/squashfs;a=commit;h=19c38fba0be1ce949ab44310d7f49887576cc123

Fix potential stack overflow in get_component() where an individual
pathname component in an extract file (specified on the command line
or in an extract file) could exceed the 1024 byte sized targname
allocated on the stack.

Fix by dynamically allocating targname rather than storing it as
a fixed size on the stack.

[YOCTO #3513]

(From OE-Core rev: 972ea6c674e10cf23bedbbc581b78baa3f7c7b9b)

Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2012-12-03 16:38:34 +00:00

patches

squashfs: fix for CVE-2012-4024

2012-12-03 16:38:34 +00:00

squashfs-tools_4.2.bb

squashfs: fix for CVE-2012-4024

2012-12-03 16:38:34 +00:00