diff options
author | Tom Rini | 2022-05-10 14:36:59 -0400 |
---|---|---|
committer | Tom Rini | 2022-06-06 17:47:17 -0400 |
commit | 2e2e784de0605081af7c5c9d04a014af69888c2c (patch) | |
tree | a9adfb4be0c1acfc26554ada9979e62e48d3d798 /cmd/load.c | |
parent | 8a1ab5e81126c6ccedaa76376e7206f5c8583aa3 (diff) |
zlib: Port fix for CVE-2018-25032 to U-Boot
While our copy of zlib is missing upstream commit 263b1a05b04e ("Allow
deflatePrime() to insert bits in the middle of a stream.") we do have
Z_FIXED support, and so the majority of the code changes in 5c44459c3b28
("Fix a bug that can crash deflate on some input when using Z_FIXED.")
apply here directly and cleanly. As this has been assigned a CVE, lets
go and apply these changes.
Link: https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
Reported-by: "Gan, Yau Wai" <yau.wai.gan@intel.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Diffstat (limited to 'cmd/load.c')
0 files changed, 0 insertions, 0 deletions