diff options
author | Yi Zhao <yi.zhao@windriver.com> | 2018-09-07 08:22:05 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-09-27 12:17:45 +0100 |
commit | 337e750c40136af5416356eeeafd5aebf84667b9 (patch) | |
tree | a826be05a25003e203d9ed23fb279edcc7cf31cd /meta/recipes-graphics | |
parent | 15fe03a3527125bab46febddfc653423e07e9a7b (diff) | |
download | poky-337e750c40136af5416356eeeafd5aebf84667b9.tar.gz |
taglib: Security fix CVE-2018-11439
CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function in
oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause
information disclosure (heap-based buffer over-read) via a crafted audio
file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2018-11439
Patch from:
https://github.com/taglib/taglib/pull/869/commits/272648ccfcccae30e002ccf34a22e075dd477278
(From OE-Core rev: a300c4917b6c22ef039158be7ae92055c35658d4)
(From OE-Core rev: 4b4c663fe048be7e7c39addb022a7ae471c743de)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-graphics')
0 files changed, 0 insertions, 0 deletions