[Buildroot] [PATCH 2/2] package/shapelib: fix CVE-2022-0699
Peter Korsgaard
peter at korsgaard.com
Tue Nov 8 19:39:52 UTC 2022
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0
> and older releases. This issue may allow an attacker to cause a denial
> of service or have other unspecified impact via control over malloc.
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2022.08.x and 2022.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list