kumquat-buildroot/package/oniguruma
Fabrice Fontaine 281871e6b0 package/oniguruma: security bump to version 6.9.3
Fixes CVE-2019-13224: A use-after-free in onig_new_deluxe() in regext.c
in Oniguruma 6.9.2 allows attackers to potentially cause information
disclosure, denial of service, or possibly code execution by providing a
crafted regular expression. The attacker provides a pair of a regex
pattern and a string, with a multi-byte encoding that gets handled by
onig_new_deluxe().

Fixes CVE-2019-13225: A NULL Pointer Dereference in match_at() in
regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause
denial of service by providing a crafted regular expression.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-08-06 22:17:35 +02:00
..
Config.in
oniguruma.hash package/oniguruma: security bump to version 6.9.3 2019-08-06 22:17:35 +02:00
oniguruma.mk package/oniguruma: security bump to version 6.9.3 2019-08-06 22:17:35 +02:00