godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-08 02:09:48 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
fb20fe2cb04b399ccde4774dbefb4511a2a33f3d
buildroot/package/libvpx
History
Bernd Kuhls 8b9251b8cc package/libvpx: Add upstream security patch to fix CVE-2023-5217 
Fixes CVE_2023-5217: Heap buffer overflow in vp8 encoding in libvpx in
Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote
attacker to potentially exploit heap corruption via a crafted HTML page.

https://www.openwall.com/lists/oss-security/2023/09/28/5

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: extend commit message, add _IGNORE_CVES]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e99999d7cb1dca94d1073fc1b2db672152cd728b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-10-01 20:37:45 +02:00
..
0001-vpx_mem-vpx_mem.h-Fix-compilation-with-uClibc.patch
0002-VP8-disallow-thread-count-changes.patch
Config.in
libvpx.hash
libvpx.mk