]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4cac379) | patch
zlib: CVE-2022-37434 a heap-based buffer over-read
authorHitendra Prajapati <hprajapati@mvista.com>
Wed, 17 Aug 2022 09:05:05 +0000 (14:35 +0530)
committerSteve Sakoman <steve@sakoman.com>
Wed, 17 Aug 2022 14:18:45 +0000 (04:18 -1000)
commit10ed7cf347d9e73b29e4a3f6ef77e0a4b08e350b
treec8a70bca1a32c9743cb6de7662051d4f374aab29tree
parent4cac37913d08f433668778e788f01e009dbb94bdcommit | diff
zlib: CVE-2022-37434 a heap-based buffer over-read

Source: https://github.com/madler/zlib
MR: 120531
Type: Security Fix
Disposition: Backport from https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1 & https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d
ChangeID: 364c17d74213c64fe40b9b37ee78aa172ff93acf
Description:
          CVE-2022-37434 zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-core/zlib/zlib/CVE-2022-37434.patch [new file with mode: 0644] blob
meta/recipes-core/zlib/zlib_1.2.11.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core