lzo: Update to 2.09
| Message ID | 1460963268-2532-1-git-send-email-alexander.marx@ipfire.org |
|---|---|
| State | Accepted |
| Commit | a9b2df01241334e65d308223da4f63c8a18d1f70 |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (hedwig.ipfire.org [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 59B2962795 for <patchwork@ipfire.org>; Mon, 18 Apr 2016 09:07:58 +0200 (CEST) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 8144065AF; Mon, 18 Apr 2016 09:07:57 +0200 (CEST) Received: from localhost.localdomain (ip1f126212.dynamic.kabel-deutschland.de [31.18.98.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4EA72655D; Mon, 18 Apr 2016 09:07:53 +0200 (CEST) From: Alexander Marx <alexander.marx@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] lzo: Update to 2.09 Date: Mon, 18 Apr 2016 09:07:48 +0200 Message-Id: <1460963268-2532-1-git-send-email-alexander.marx@ipfire.org> X-Mailer: git-send-email 2.6.3 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <http://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <http://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Message
Alexander Marx
April 18, 2016, 5:07 p.m. UTC
Changes in 2.09 (04 Feb 2015)
* Work around gcc bug #64516 that could affect architectures like
armv4, armv5 and sparc.
Changes in 2.08 (29 Jun 2014)
* Updated the Autoconf scripts to fix some reported build problems.
* Added CMake build support.
* Fixed lzo_init() on big-endian architectures like Sparc.
Changes in 2.07 (25 Jun 2014)
* Fixed a potential integer overflow condition in the "safe" decompressor
variants which could result in a possible buffer overrun when
processing maliciously crafted compressed input data.
Fortunately this issue only affects 32-bit systems and also can only happen
if you use uncommonly huge buffer sizes where you have to decompress more
than 16 MiB (> 2^24 bytes) untrusted compressed bytes within a single
function call, so the practical implications are limited.
POTENTIAL SECURITY ISSUE. CVE-2014-4607.
* Removed support for ancient configurations like 16-bit "huge" pointers -
LZO now requires a flat 32-bit or 64-bit memory model.
* Assorted cleanups.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
---
lzo/lzo.nm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)