openwrt/package/libs/zlib/patches
Petr Štetiar 707ec48ab3 zlib: backport null dereference fix
The curl developers found test case that crashed in their testing when
using zlib patched against CVE-2022-37434, same patch we've backported
in commit 7df6795d4c ("zlib: backport fix for heap-based buffer
over-read (CVE-2022-37434)"). So we need to backport following patch in
order to fix issue introduced in that previous CVE-2022-37434 fix.

References: https://github.com/curl/curl/issues/9271
Fixes: 7df6795d4c ("zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f443e9de70)
2022-08-09 08:12:46 +02:00
..
001-neon-implementation-of-adler32.patch package/libs/zlib: Add ARM and NEON optimizations 2018-01-02 17:11:12 +01:00
002-arm-specific-optimisations-for-inflate.patch zlib: properly split patches 2021-02-24 14:08:29 +01:00
003-arm-specific-optimisations-for-inflate.patch zlib: properly split patches 2021-02-24 14:08:29 +01:00
004-attach-sourcefiles-in-patch-002-to-buildsystem.patch zlib: properly split patches 2021-02-24 14:08:29 +01:00
005-relative-pkg-config-paths.patch zlib: properly split patches 2021-02-24 14:08:29 +01:00
006-fix-compressor-crash-on-certain-inputs.patch zlib: backport security fix for a reproducible crash in compressor 2022-03-24 08:18:21 +01:00
006-fix-CVE-2022-37434.patch zlib: backport fix for heap-based buffer over-read (CVE-2022-37434) 2022-08-08 09:46:36 +02:00
007-fix-null-dereference-in-fix-CVE-2022-37434.patch zlib: backport null dereference fix 2022-08-09 08:12:46 +02:00