subject:"\[OpenWrt\-Devel\] \[PATCH 1\/2\] bzip2\: Fix CVE\-2016\-3189"

[OpenWrt-Devel] [PATCH 1/2] bzip2: Fix CVE-2016-3189

2018-08-22 Thread Rosen Penev

Issue causes a crash with specially crafted bzip2 files. More info: https://nvd.nist.gov/vuln/detail/CVE-2016-3189 Taken from Fedora. Signed-off-by: Rosen Penev --- Please backport to 18.06 and/or 17.05 package/utils/bzip2/Makefile| 2 +- package/utils/bzip2/patches/01

[OpenWrt-Devel] [PATCH 1/2] bzip2: Fix CVE-2016-3189

2018-08-17 Thread Rosen Penev

Taken from Fedora. Signed-off-by: Rosen Penev --- Please backport to 18.06 and/or 17.01 package/utils/bzip2/Makefile| 2 +- package/utils/bzip2/patches/010-CVE-2016-3189.patch | 11 +++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 package/