ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2025-01-29 15:44:04 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
openwrt/tools
History
Petr Štetiar 0af411f49d zlib: backport security fix for a reproducible crash in compressor 
Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.

Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.

Runtime tested on ipq40xx/glinet-b1300 and mvebu/turris-omnia.

Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b3aa2909a79aeff20d594160b207a89dc807c033)
(cherry picked from commit 3965dda0fa70dc9408f1a2e55a3ddefde78bd50e)
(cherry picked from commit f65edc9b990c2bcc10c9e9fca29253adc6fe316d)
2022-03-24 10:02:01 +01:00
..
autoconf
treewide: clean up download hashes
2016-12-16 22:39:22 +01:00
automake
add PKG_CPE_ID ids to package and tools
2017-11-17 02:24:35 +01:00
b43-tools
b43-tools: update to latest git HEAD
2018-06-18 20:29:38 +02:00
bc
Revert "bc: update to 1.07.1"
2019-05-22 21:27:44 +02:00
bison
tools/bison: Update to 3.4.1
2019-09-04 13:18:42 +02:00
cbootimage
tools: add cbootimage for tegra
2019-04-06 14:48:46 +02:00
cbootimage-configs
tools: add cbootimage-configs for tegra
2019-04-06 14:48:46 +02:00
ccache
ccache: update to 3.7.2
2019-09-04 13:34:08 +02:00
cmake
tools/cmake: fix typo in parallel make patch
2020-08-11 01:14:25 +02:00
coreutils
add PKG_CPE_ID ids to package and tools
2017-11-17 02:24:35 +01:00
dosfstools
add PKG_CPE_ID ids to package and tools
2017-11-17 02:24:35 +01:00
e2fsprogs
tools/e2fsprogs: Update to version 1.45.4
2019-11-07 19:42:42 +01:00
elftosb
treewide: clean up download hashes
2016-12-16 22:39:22 +01:00
expat
expat: Update to version 2.2.9
2019-11-07 19:42:42 +01:00
findutils
tools: findutils: fix compilation with glibc 2.28
2018-08-10 06:29:49 +02:00
firmware-utils
tplink-safeloader: fix C7v5 factory flashing from vendor fw > v1.1.x
2021-05-06 09:55:07 +02:00
flex
flex: Add a lex symlink
2018-11-25 19:23:03 +01:00
flock
tools: flock: add NFSv4 compatibility
2016-08-11 10:50:10 +02:00
genext2fs
treewide: clean up download hashes
2016-12-16 22:39:22 +01:00
gengetopt
tools/gengetopt: Update to 2.23
2019-09-04 13:26:24 +02:00
gmp
tools: gmp: Update to 6.1.2
2017-01-03 14:24:33 +01:00
include
tools: Update endian definitions for Mac OSX
2018-12-19 15:08:30 +00:00
isl
tools/isl: update to 0.20
2019-02-26 23:20:04 +01:00
kernel2minor
tools: kernel2minor: update to latest version
2018-07-12 18:15:33 +02:00
libelf
tools: libelf: fix headers to trigger -Wundef warnings
2019-09-04 13:46:55 +02:00
libressl
tools: libressl: fix compilation for non-glibc clib (FS#2400)
2019-09-04 13:31:40 +02:00
libtool
add PKG_CPE_ID ids to package and tools
2017-11-17 02:24:35 +01:00
lzma
treewide: clean up download hashes
2016-12-16 22:39:22 +01:00
lzma-old
tools/zlib: move zlib build to tools
2018-04-28 15:28:59 +02:00
m4
tools/m4: update to 1.4.19
2021-11-07 19:49:57 +01:00
make-ext4fs
make_ext4fs: Update to version 2020-01-05
2020-07-29 12:11:04 +02:00
missing-macros
tools: remove a bunch of unused automake macros
2015-03-17 10:11:00 +00:00
mkimage
tools: mkimage: fix __u64 typedef conflict with new glibc
2019-09-12 02:25:03 +00:00
mklibs
tools/mklibs: Fix compile with GCC 11
2021-05-16 23:55:26 +02:00
mm-macros
tools/mm-macros: Update to 0.9.12
2018-05-05 07:13:48 +02:00
mpc
tools/mpc: Update to 1.1.0
2018-01-18 08:04:18 +01:00
mpfr
tools/mpfr: Update to 4.0.2
2019-02-10 20:51:09 +01:00
mtd-utils
tools/mtd-utils: update to 2.1.1
2019-08-27 10:31:06 +02:00
mtools
tools/mtools: Update to 4.0.23
2018-12-24 17:05:57 +01:00
padjffs2
tools: padjffs2: add option to output padding data to stdout
2016-07-11 13:26:33 +02:00
patch
tools/patch: apply upstream patch for cve-2019-13638
2019-08-14 07:29:32 +02:00
patch-image
tools: patch-image: fix file descriptor leak.
2017-02-15 07:45:24 +01:00
patchelf
treewide: clean up download hashes
2016-12-16 22:39:22 +01:00
pkg-config
tools/pkg-config: Handle variable substitution of 'bindir' to redirect to STAGING_DIR/bin
2018-11-13 15:40:30 -05:00
qemu
add PKG_CPE_ID ids to package and tools
2017-11-17 02:24:35 +01:00
quilt
treewide: clean up download hashes
2016-12-16 22:39:22 +01:00
scons
scons: update to 3.0.5
2019-05-18 21:17:45 +02:00
sdimage
tools/sdimage: Fix build with host Linux headers < 3.18
2018-12-16 14:03:35 +01:00
sed
tools/sed: Update to 4.7
2019-02-10 20:48:25 +01:00
sparse
sparse: updated to version 0.5.2
2018-06-08 09:56:26 +02:00
squashfs
squashfs: Fix compile with GCC 10
2020-05-24 14:40:49 +02:00
squashfskit4
tools: squashfskit4: fix build with GCC10
2020-03-29 18:47:15 +02:00
sstrip
tools/sstrip: Fix compile under standard linux.
2017-12-08 10:40:20 +01:00
tar
tools: tar: update to version 1.32
2019-03-10 21:36:28 +01:00
upslug2
upslug2: Update to git repository
2019-09-04 13:47:11 +02:00
wrt350nv2-builder
tools: remove static linking support
2015-02-06 00:00:43 +00:00
xz
tools/xz: Compile with PIC to fix linking errors
2019-04-06 19:14:06 +02:00
zip
tools: zip: add option for reproducible archives
2019-01-15 19:11:53 +01:00
zlib
zlib: backport security fix for a reproducible crash in compressor
2022-03-24 10:02:01 +01:00
Makefile
tools: always create $STAGING_DIR/usr/{include,lib}
2020-12-06 08:31:03 +01:00