aboutsummaryrefslogtreecommitdiffstats
path: root/package/utils
diff options
context:
space:
mode:
authorPetr Štetiar <ynezz@true.cz>2022-08-09 07:50:19 +0200
committerPetr Štetiar <ynezz@true.cz>2022-08-09 08:15:26 +0200
commitb93327c4692e605649ff1afade98899a9c4aa1ca (patch)
treea74a75b42f54534f23b0167a14b90888f6b4ac0b /package/utils
parent5f189f2f333b25aec20bbf4cc9d5d8ca488ec895 (diff)
downloadupstream-b93327c4692e605649ff1afade98899a9c4aa1ca.tar.gz
upstream-b93327c4692e605649ff1afade98899a9c4aa1ca.tar.bz2
upstream-b93327c4692e605649ff1afade98899a9c4aa1ca.zip
zlib: backport null dereference fix
The curl developers found test case that crashed in their testing when using zlib patched against CVE-2022-37434, same patch we've backported in commit 7df6795d4c25 ("zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)"). So we need to backport following patch in order to fix issue introduced in that previous CVE-2022-37434 fix. References: https://github.com/curl/curl/issues/9271 Fixes: 7df6795d4c25 ("zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)") Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit f443e9de7003c00a935b9ea12f168e09e83b48cd) (cherry picked from commit 707ec48ab3db6d08bd022df1bc720aee68b3b99d)
Diffstat (limited to 'package/utils')
0 files changed, 0 insertions, 0 deletions