package/libarchive: security bump to version 3.5.2 (a223dd4a) · Commits · Infra Solutions / Reference Design / platsw / buildroot · GitLab

Commit a223dd4a authored Aug 24, 2021 by Fabrice Fontaine Committed by Arnout Vandecappelle (Essensium/Mind) Aug 25, 2021

package/libarchive: security bump to version 3.5.2

Fix CVE-2021-36976: libarchive 3.4.1 through 3.5.1 has a use-after-free
in copy_string (called from do_uncompress_block and process_block).

https://github.com/libarchive/libarchive/releases/tag/v3.5.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

parent a4a4330b

Hide whitespace changes

Inline Side-by-side

Please register or to comment