[Buildroot] [PATCH 2/2] package/libvorbis: annote CVE-2018-10393
Peter Korsgaard
peter at korsgaard.com
Sat Mar 14 18:39:43 UTC 2020
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a
> stack-based buffer over-read.
> Same patch as for CVE-2017-14160
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2019.02.x and 2019.11.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list