3332c143c0
- Fix CVE-2021-27347: Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file. - Fix CVE-2021-27345: A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file. - Fix CVE-2020-25467: A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via a crafted compressed file. - lz4 is a mandatory dependency since version 0.640 and3345a239b77f3bf46203...v0.641 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
26 lines
872 B
Plaintext
26 lines
872 B
Plaintext
config BR2_PACKAGE_LRZIP
|
|
bool "lrzip"
|
|
depends on BR2_USE_MMU # fork()
|
|
depends on BR2_USE_WCHAR
|
|
depends on BR2_TOOLCHAIN_HAS_THREADS
|
|
depends on BR2_INSTALL_LIBSTDCPP
|
|
select BR2_PACKAGE_ZLIB
|
|
select BR2_PACKAGE_LZ4
|
|
select BR2_PACKAGE_LZO
|
|
select BR2_PACKAGE_BZIP2
|
|
help
|
|
A compression utility that excels at compressing large files
|
|
(usually > 10-50 MB). Larger files and/or more free RAM means
|
|
that the utility will be able to more effectively compress
|
|
your files (ie: faster / smaller size), especially if the
|
|
filesize(s) exceed 100 MB. You can either choose to optimise
|
|
for speed (fast compression / decompression) or size,
|
|
but not both.
|
|
|
|
https://github.com/ckolivas/lrzip
|
|
|
|
comment "lrzip needs a toolchain w/ wchar, threads, C++"
|
|
depends on BR2_USE_MMU
|
|
depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
|
|
!BR2_INSTALL_LIBSTDCPP
|