ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2025-01-01 11:36:49 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
23ad680a34
openwrt/package/libs/zlib/patches
History
Petr Štetiar b93327c469 zlib: backport null dereference fix 
The curl developers found test case that crashed in their testing when
using zlib patched against CVE-2022-37434, same patch we've backported
in commit 7df6795d4c ("zlib: backport fix for heap-based buffer
over-read (CVE-2022-37434)"). So we need to backport following patch in
order to fix issue introduced in that previous CVE-2022-37434 fix.

References: https://github.com/curl/curl/issues/9271
Fixes: 7df6795d4c ("zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f443e9de70)
(cherry picked from commit 707ec48ab3)
2022-08-09 08:15:26 +02:00
..
001-neon-implementation-of-adler32.patch package/libs/zlib: Add ARM and NEON optimizations 2018-01-02 17:11:12 +01:00
002-arm-specific-optimisations-for-inflate.patch zlib: properly split patches 2021-02-25 14:41:40 +01:00
003-arm-specific-optimisations-for-inflate.patch zlib: properly split patches 2021-02-25 14:41:40 +01:00
004-attach-sourcefiles-in-patch-002-to-buildsystem.patch zlib: properly split patches 2021-02-25 14:41:40 +01:00
005-relative-pkg-config-paths.patch zlib: properly split patches 2021-02-25 14:41:40 +01:00
006-fix-compressor-crash-on-certain-inputs.patch zlib: backport security fix for a reproducible crash in compressor 2022-03-24 09:40:12 +01:00
006-fix-CVE-2022-37434.patch zlib: backport fix for heap-based buffer over-read (CVE-2022-37434) 2022-08-08 10:00:39 +02:00
007-fix-null-dereference-in-fix-CVE-2022-37434.patch zlib: backport null dereference fix 2022-08-09 08:15:26 +02:00