mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-06 18:09:44 +03:00
97128028df
- Fix CVE-2022-48303: GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters. - Update hash of COPYING (http replaced by https) https://lists.gnu.org/archive/html/info-gnu/2023-07/msg00005.html Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit d4d483451f0a305781b94b96c15a6cf4b489cd84) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>