deepcrayon/buildroot
deepcrayon/buildroot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
buildroot/package/rpm
History
Fabrice Fontaine 768152e2a6 package/rpm: security bump to version 4.16.1.3 
- Fix arbitrary data copied from signature header past signature
  checking (CVE-2021-3421)
- Fix signature check bypass with corrupted package (CVE-2021-20271)
- Fix missing bounds checks in headerImport() and headerCheck()
  (CVE-2021-20266)
- Fix missing sanity checks on header entry count and region data
  overlap
- Fix access past end of header if the last entry is string type
- Fix unsafe headerCopyLoad() still used in codebase

Drop all patches (already in version)

https://rpm.org/wiki/Releases/4.16.1.3.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-03 09:09:55 +02:00
..
Config.in
rpm.hash package/rpm: security bump to version 4.16.1.3 2021-04-03 09:09:55 +02:00
rpm.mk package/rpm: security bump to version 4.16.1.3 2021-04-03 09:09:55 +02:00