libarchive: fix CVE-2025-5915 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Divya Chellam <divya.chellam@windriver.com>	2025-07-02 12:21:31 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-07-09 08:43:32 -0700
commit	0f2564b7c013ea7690ecfc997adc952d5cade5ea (patch)
tree	b1b189b4fb181ce94a282acdab3176c614260e68 /documentation/dev-manual/python-development-shell.rst
parent	28f102461ab6faafddd10448f136a55bb41d140f (diff)
download	poky-0f2564b7c013ea7690ecfc997adc952d5cade5ea.tar.gz

libarchive: fix CVE-2025-5915

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap b uffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer -Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memo ry buffer, which can result in unpredictable program behavior, crashes (denial of service), o r the disclosure of sensitive information from adjacent memory regions. Reference: https://security-tracker.debian.org/tracker/CVE-2025-5915 Upstream-patches: https://github.com/libarchive/libarchive/commit/a612bf62f86a6faa47bd57c52b94849f0a404d8c (From OE-Core rev: 99fdc86ad57db4d8829a33033918cf78419977af) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'documentation/dev-manual/python-development-shell.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: