mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-08 02:09:48 +03:00
cae8be20ed
- Use tar.gz as SHA512SUMS does not contain the hash for tar.xz - Fix CVE-2020-15900: A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. https://www.ghostscript.com/doc/9.53.0/News.htm Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>