2fb7cbeb74
Fixes CVE-2017-7650: Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility. For more details, see: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/ Or the 1.4.11 release mail (no mail about 1.4.12, but identical to 1.4.11 + a soname fix): https://lists.gnu.org/archive/html/help-libtasn1/2017-05/msg00003.html Remove 0001-configure-don-t-add-Werror-to-build-flags.patch and autoreconf as that patch is now upstream. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| libtasn1.hash | ||
| libtasn1.mk | ||