* CVE-2021-30501
* CVE-2021-30500 Description: "An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file." https://github.com/upx/upx/issues/486 https://github.com/upx/upx/pull/487 * CVE-2021-30501 Description: "Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file." https://github.com/upx/upx/issues/485
Package list is empty or all packages have requested keywords.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0079cd3b6bd983ac029d76507960a3cf40413ae4 commit 0079cd3b6bd983ac029d76507960a3cf40413ae4 Author: Azamat H. Hackimov <azamat.hackimov@gmail.com> AuthorDate: 2022-10-30 12:37:24 +0000 Commit: Conrad Kostecki <conikost@gentoo.org> CommitDate: 2022-10-31 22:50:58 +0000 app-arch/upx-bin: add 4.0.0 Bug: https://bugs.gentoo.org/778530 Bug: https://bugs.gentoo.org/790281 Bug: https://bugs.gentoo.org/792348 Bug: https://bugs.gentoo.org/866794 Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com> Signed-off-by: Conrad Kostecki <conikost@gentoo.org> app-arch/upx-bin/Manifest | 7 +++++++ app-arch/upx-bin/upx-bin-4.0.0.ebuild | 39 +++++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5f6c4062375fef16a763f3d413b099addef73432 commit 5f6c4062375fef16a763f3d413b099addef73432 Author: Azamat H. Hackimov <azamat.hackimov@gmail.com> AuthorDate: 2022-10-30 11:49:41 +0000 Commit: Conrad Kostecki <conikost@gentoo.org> CommitDate: 2022-10-31 22:50:57 +0000 app-arch/upx: add 4.0.0 Bug: https://bugs.gentoo.org/778530 Bug: https://bugs.gentoo.org/790281 Bug: https://bugs.gentoo.org/792348 Bug: https://bugs.gentoo.org/866794 Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com> Signed-off-by: Conrad Kostecki <conikost@gentoo.org> app-arch/upx/Manifest | 1 + app-arch/upx/upx-4.0.0.ebuild | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+)