p7zip: fix CVE-2023-52169 and CVE-2023-52168 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	hongxu <hongxu.jia@eng.windriver.com>	2024-11-22 21:46:40 +0800
committer	Armin Kuster <akuster808@gmail.com>	2024-12-15 13:52:02 -0500
commit	00973f130d797fe829fef17b5858c5ae8bca3220 (patch)
tree	1d69f2f3bae999506cadf190c9253f2bba9e3b02 /meta-python/recipes-devtools/python/python3-wpa-supplicant/0001-cli-drop-the-second-argument-from-click.argument-dec.patch
parent	16482be69910fbd105b0aa63160ddc443032684a (diff)
download	meta-openembedded-00973f130d797fe829fef17b5858c5ae8bca3220.tar.gz

p7zip: fix CVE-2023-52169 and CVE-2023-52168

According to [1][2], Igor Pavlov, the author of 7-Zip, refused to provide an advisory or any related change log entries. Have to backport a part of ./CPP/7zip/Archive/NtfsHandler.cpp from upstream big commit https://github.com/ip7z/7zip/commit/fc662341e6f85da78ada0e443f6116b978f79f22 [1] https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/ [2] https://dfir.ru/wp-content/uploads/2024/07/screenshot-2024-07-03-at-02-13-40-7-zip-_-bugs-_-2402-two-vulnerabilities-in-the-ntfs-handler.png Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-wpa-supplicant/0001-cli-drop-the-second-argument-from-click.argument-dec.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: