[Buildroot] [PATCH-2021.02.x] package/tar: add upstream security fix for CVE-2021-20193
Peter Korsgaard
peter at korsgaard.com
Sat Apr 10 16:40:36 UTC 2021
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issue:
> - CVE-2021-20193: A flaw was found in the src/list.c of tar 1.33 and
> earlier. This flaw allows an attacker who can submit a crafted input file
> to tar to cause uncontrolled consumption of memory. The highest threat
> from this vulnerability is to system availability
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2021.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list