NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
aaf958cb64
kumquat-buildroot/package/mongoose/mongoose.hash
Pierre-Jean Texier af320ab703 package/mongoose: security bump to version 7.2 
- Fix CVE-2021-26530: The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0
  (compiled with OpenSSL support) is vulnerable to remote OOB write attack via
  connection request after exhausting memory pool.
- Fix CVE-2021-26529: The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0
  and 6.7-6.18 (compiled with mbedTLS support) is vulnerable to remote OOB write
  attack via connection request after exhausting memory pool.
- Fix CVE-2021-26528: The mg_http_serve_file function in Cesanta Mongoose HTTP server
  7.0 is vulnerable to remote OOB write attack via connection request after exhausting
  memory pool.

See https://github.com/cesanta/mongoose/releases/tag/7.2

Signed-off-by: Pierre-Jean Texier <texier.pj2@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 20a0f60a2c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-20 20:09:57 +01:00

4 lines
196 B
Plaintext
Raw Blame History

# Locally computed:
sha256 8c5024a4e5b5a0c7fdae3c24ebc68e2b3ccfaba08cf25c2e76fc7f14f92fd4a5 mongoose-7.2.tar.gz
sha256 9553d057f2ba980642f2c18d87ed38896cff1c9612d77d684a73a11fe1443b05 LICENSE
Reference in New Issue View Git Blame Copy Permalink