ghostscript: fix CVE-2021-45949 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Minjae Kim <flowergom@gmail.com>	2022-01-28 08:54:45 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-02-16 09:48:51 +0000
commit	b03d18892cdd59418bebcf9f7f7a3d12815beb76 (patch)
tree	092ff352497ed9dc9835d5ba67b3f637ca8fc040 /scripts/lib/recipetool/create.py
parent	9959bee1af84dd068d69fc8b35d329fba075a80e (diff)
download	poky-b03d18892cdd59418bebcf9f7f7a3d12815beb76.tar.gz

ghostscript: fix CVE-2021-45949

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). To apply this CVE-2021-45959 patch, the check-stack-limits-after-function-evalution.patch should be applied first. References: https://nvd.nist.gov/vuln/detail/CVE-2021-45949 (From OE-Core rev: 5fb43ed64ae32abe4488f2eb37c1b82f97f83db0) Signed-off-by: Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/recipetool/create.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: