NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
aaf958cb64
kumquat-buildroot/package/mongoose
History
Pierre-Jean Texier af320ab703 package/mongoose: security bump to version 7.2 
- Fix CVE-2021-26530: The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0
  (compiled with OpenSSL support) is vulnerable to remote OOB write attack via
  connection request after exhausting memory pool.
- Fix CVE-2021-26529: The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0
  and 6.7-6.18 (compiled with mbedTLS support) is vulnerable to remote OOB write
  attack via connection request after exhausting memory pool.
- Fix CVE-2021-26528: The mg_http_serve_file function in Cesanta Mongoose HTTP server
  7.0 is vulnerable to remote OOB write attack via connection request after exhausting
  memory pool.

See https://github.com/cesanta/mongoose/releases/tag/7.2

Signed-off-by: Pierre-Jean Texier <texier.pj2@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 20a0f60a2c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-20 20:09:57 +01:00
..
Config.in
mongoose.hash package/mongoose: security bump to version 7.2 2021-03-20 20:09:57 +01:00
mongoose.mk package/mongoose: security bump to version 7.2 2021-03-20 20:09:57 +01:00