p7zip: Fix CVE-2023-52169 and CVE-2023-52168 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	hongxu <hongxu.jia@eng.windriver.com>	2024-11-22 21:49:41 +0800
committer	Armin Kuster <akuster808@gmail.com>	2024-12-08 15:03:06 -0500
commit	66ef07598aa54167d970b06e33a936d23091e89e (patch)
tree	f26f4645b82bd1a3027052c93dfb3af784cd0677 /meta-python/recipes-devtools/python/python3-aiohttp
parent	9f598082ed27aecfcd2c7bd30e487dbc03318b31 (diff)
download	meta-openembedded-66ef07598aa54167d970b06e33a936d23091e89e.tar.gz

p7zip: Fix CVE-2023-52169 and CVE-2023-52168

According to [1][2], Igor Pavlov, the author of 7-Zip, refused to provide an advisory or any related change log entries. Have to backport a part of ./CPP/7zip/Archive/NtfsHandler.cpp from upstream big commit https://github.com/ip7z/7zip/commit/fc662341e6f85da78ada0e443f6116b978f79f22 [1] https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/ [2] https://dfir.ru/wp-content/uploads/2024/07/screenshot-2024-07-03-at-02-13-40-7-zip-_-bugs-_-2402-two-vulnerabilities-in-the-ntfs-handler.png Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-aiohttp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: