Re: [PATCH] Update to minilzo-2.08

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Update to minilzo-2.08

From:	Javier Martinez Canillas
Subject:	Re: [PATCH] Update to minilzo-2.08
Date:	Tue, 22 Oct 2019 10:18:39 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.0

Hello Daniel,

On 10/21/19 4:48 PM, Daniel Kiper wrote:
> On Fri, Oct 18, 2019 at 02:45:13PM +0200, Javier Martinez Canillas wrote:
>> From: Peter Jones <address@hidden>
>>
>> This fixes CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow
>>
>> Resolves: http://savannah.gnu.org/bugs/?42635
> 
> OK but I would like to know how did you come up with that patch.
> Please describe the process in docs/grub-dev.texi. Good example is
> in commit 35b909062 (gnulib: Upgrade Gnulib and switch to bootstrap
> tool). You can also look at commit 461f1d8af (zstd: Import upstream
> zstd-1.3.6).
>

Fair enough. I'll do that in v2.
 
> Daniel
> 

Best regards,
-- 
Javier Martinez Canillas
Software Engineer - Desktop Hardware Enablement
Red Hat

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] Update to minilzo-2.08, Javier Martinez Canillas, 2019/10/18
- Re: [PATCH] Update to minilzo-2.08, Daniel Kiper, 2019/10/21
  - Re: [PATCH] Update to minilzo-2.08, Javier Martinez Canillas <=

Prev by Date: Re: [PATCH v2 2/3] Set net_<interface>_client{id, uuid} variables from DHCP options
Next by Date: Re: [PATCH] Enable pager by default
Previous by thread: Re: [PATCH] Update to minilzo-2.08
Next by thread: Reproducible grub-install
Index(es):
- Date
- Thread