mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-15 16:07:26 +00:00
yasm: fix CVE-2023-37732
Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file. References: https://github.com/yasm/yasm/issues/233 https://nvd.nist.gov/vuln/detail/CVE-2023-37732 Signed-off-by: Soumya <soumya.sambu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
@@ -13,6 +13,7 @@ SRCREV = "ba463d3c26c0ece2e797b8d6381b161633b5971a"
|
||||
SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \
|
||||
file://0001-Do-not-use-AC_HEADER_STDC.patch \
|
||||
file://CVE-2023-31975.patch \
|
||||
file://CVE-2023-37732.patch \
|
||||
"
|
||||
|
||||
S = "${WORKDIR}/git"
|
||||
|
||||
Reference in New Issue
Block a user