Summary: | <dev-embedded/u-boot-tools-2020.04: double free vulnerability (CVE-2020-8432) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | normal | CC: | embedded |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.mail-archive.com/u-boot@lists.denx.de/msg354060.html | ||
See Also: |
https://github.com/gentoo/gentoo/pull/17699 https://github.com/gentoo/gentoo/pull/19533 |
||
Whiteboard: | C2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2020-04-10 22:45:33 UTC
Alright, it looks like the commit that fixes this was made on 20200121: https://gitlab.denx.de/u-boot/u-boot/-/commit/5749faa3d6837d6dbaf2119fc3ec49a326690c8f Can we stable newest u-boot-tools? CCing Slyfox since he's the author of this revision. amd64 done x86 done arm done all arches done Please cleanup, thanks! GLSA request filed. |