Commit 48303d1c authored Sep 17, 2021 by Kai Kang Committed by Steve Sakoman Sep 24, 2021

squashfs-tools: fix CVE-2021-40153

Source: http://git.yoctoproject.org/poky.git
MR: 113126
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=hardknott&id=cfc17a7ab5d3b0d6354a7194b8c8746c501959d9
ChangeID: cfc17a7ab5d3b0d6354a7194b8c8746c501959d9
Description:

Backport patch to fix CVE-2021-40153, and remove version update in
unsquashfs.c for compatible.

CVE: CVE-2021-40153

Ref:
* https://security-tracker.debian.org/tracker/CVE-2021-40153



(From OE-Core rev: 09de4ef3)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

parent 10f2333a

Hide whitespace changes

Inline Side-by-side

Please register or to comment