path: root/package/dnsmasq/dnsmasq.mk
diff options
authorGravatar Fabrice Fontaine <fontaine.fabrice@gmail.com>2019-08-19 23:21:20 +0200
committerGravatar Peter Korsgaard <peter@korsgaard.com>2019-08-19 23:46:55 +0200
commitd7926d7cb5f9b2c820cb4b4e8576012b24a50064 (patch)
treee9ac16a9b5fe5af5e938ee43644f1c6009fd2e47 /package/dnsmasq/dnsmasq.mk
parentcc3da232e48b811853d64a74b9b538ea30c91918 (diff)
package/giflib: add two upstream security fixesHEADmaster
- Fix CVE-2018-11490: The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact. - Fix CVE-2019-15133: In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/dnsmasq/dnsmasq.mk')
0 files changed, 0 insertions, 0 deletions