openwrt/package/libs
Petr Štetiar 3965dda0fa zlib: backport security fix for a reproducible crash in compressor
Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.

Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.

Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b3aa2909a7)
2022-03-24 08:18:21 +01:00
..
argp-standalone argp-standalone: fix compilation with Alpine Linux 2022-03-16 17:58:24 +01:00
elfutils elfutils: Add missing musl-fts dependency 2022-01-07 20:50:50 -08:00
gettext-full gettext-full: disable parallel compilation 2021-08-08 19:50:46 +02:00
gmp gmp: update to 6.2.1 2021-02-14 19:38:15 +01:00
jansson jansson: Activate link time optimization (LTO) 2020-09-06 20:30:18 +02:00
libaudit libaudit: add host-build required by policycoreutils/host 2020-09-01 14:24:07 +01:00
libbsd libbsd: update to 0.10.0 2020-02-22 16:34:57 +01:00
libcap libcap: Update to version 2.63 2022-02-01 21:25:02 +01:00
libevent2 libevent2: update to 2.1.12 2021-02-14 19:38:15 +01:00
libiconv package: replace $(STAGING_DIR)/host with $(STAGING_DIR_HOSTPKG) 2017-01-10 22:15:37 +01:00
libiconv-full libiconv-full: Makefile polishing 2020-11-26 13:09:32 -10:00
libjson-c libjson-c: don't build shared host libraries 2021-11-20 21:08:24 +01:00
libmnl treewide: revise library packaging 2019-01-24 10:39:30 +01:00
libnetfilter-conntrack libnetfilter-conntrack: backport patch fixing compilation with 5.15 2022-03-05 21:05:45 +01:00
libnfnetlink libnfnetlink: quote $(FPIC) on command line 2021-03-19 13:37:51 -10:00
libnftnl libnftnl: bump to 1.2.1 2021-12-01 00:39:26 +02:00
libnl libnl: update to 3.5.0 2019-11-01 21:19:40 +01:00
libnl-tiny libnl-tiny: update to the latest version 2021-12-14 22:59:10 +01:00
libpcap tcpdump: libpcap: Remove http://www.us.tcpdump.org mirror 2021-12-27 00:49:08 +01:00
libselinux libselinux: update to version 3.3 2021-10-28 22:15:02 +01:00
libsemanage libsemanage: update to version 3.3 2021-10-28 22:15:02 +01:00
libsepol libsepol: update to version 3.3 2021-10-31 13:01:24 +00:00
libtool treewide: revise library packaging 2019-01-24 10:39:30 +01:00
libubox libubox: update to git HEAD 2021-11-20 17:48:49 +00:00
libunwind libunwind: add ppc64 support 2021-12-21 21:37:05 +02:00
libusb libusb: Fix parsing of descriptors for multi-configuration devices 2021-02-21 10:12:10 -10:00
mbedtls mbedtls: update to 2.28.0 LTS branch 2022-02-26 19:52:41 +01:00
musl-fts musl-fts: import from packages feed 2020-08-13 11:44:05 +01:00
ncurses ncurses: update to 6.3 2022-03-19 17:42:29 +01:00
nettle nettle: disable assembler on ppc64 2021-12-21 21:36:55 +02:00
openssl openssl: bump to 1.1.1n 2022-03-16 16:28:16 +01:00
pcre pcre: bring back C++ bindings 2021-11-20 21:08:24 +01:00
popt popt: Use modern toolchain logic 2019-02-26 23:20:04 +01:00
readline readline: disable shared library for host 2021-11-20 21:08:24 +01:00
sysfsutils treewide: revise library packaging 2019-01-24 10:39:30 +01:00
toolchain toolchain: glibc: Update to version 2.34 2022-01-07 22:30:40 +01:00
uclient uclient: update to Git version 2021-05-14 2021-05-14 23:40:42 +02:00
ustream-ssl ustream-ssl: update to Git version 2022-01-16 2022-01-16 21:51:21 +01:00
wolfssl wolfssl: fix API breakage of SSL_get_verify_result 2022-02-22 20:27:15 +01:00
zlib zlib: backport security fix for a reproducible crash in compressor 2022-03-24 08:18:21 +01:00