mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-02 21:48:20 +03:00
332a851a08
Add 0003-test-asclen-CVE-2018-19540.patch: If txtdesc->asclen is < 1, the array index of txtdesc->ascdata will be negative which causes the heap based overflow. Patch was proposed upstream[1] but upstream is very inactive. Linux distributions use the same fix to patch their packages. 1: https://github.com/mdadams/jasper/pull/198 Signed-off-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>