Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix fuzzy CVE patch for protobuf #550

Closed
wants to merge 1 commit into from
Closed

Fix fuzzy CVE patch for protobuf #550

wants to merge 1 commit into from

Conversation

fwuehr95
Copy link

Signed-off-by: Alexander Thoma [email protected]
Signed-off-by: Florian Wühr [email protected]

tewarid pushed a commit to tewarid/meta-openembedded that referenced this pull request Mar 22, 2022
@wangmingyu84 @kraj
bats: upgrade 1.5.0 -> 1.6.0
76d8e52 
Changelog:
=========
Added:
-----
new flag --code-quote-style (and $BATS_CODE_QUOTE_STYLE) to customize
quotes around code blocks in error output (openembedded#506)
an example/regression test for running background tasks without blocking the
test run (openembedded#525, openembedded#535)
bats_load_library for loading libraries from the search path
$BATS_LIB_PATH (openembedded#548)

Fixed:
-----
improved error trace for some broken cases (openembedded#279)
removed leftover debug file /tmp/latch in selftest suite
(single use latch) (openembedded#516)
fix recurring errors on CTRL+C tests with NPM on Windows in selftest suite (openembedded#516)
fixed leaking of local variables from debug trap (openembedded#520)
don't mark FD3 output from teardown_file as <failure> in junit output (openembedded#532)
fix unbound variable error with Bash pre 4.4 (openembedded#550)

Documentation:
--------------
remove links to defunct freenode IRC channel (openembedded#515)
improved grammar (openembedded#534)
fixed link to TAP spec (openembedded#537)

Signed-off-by: Wang Mingyu <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
@akuster
Copy link
Contributor

akuster commented Apr 4, 2022

are you still seeing a issue with the current dunfell?

@fwuehr95
Copy link
Author

fwuehr95 commented Apr 5, 2022

@akuster no, looks as if it has been resolved with a14eb5e

@fwuehr95 fwuehr95 closed this Apr 5, 2022
@fwuehr95 fwuehr95 deleted the dunfell branch April 5, 2022 05:53
kraj pushed a commit to YoeDistro/meta-openembedded that referenced this pull request Jul 15, 2022
@kraj
python3-ujson: upgrade 5.3.0 -> 5.4.0
e560ab2 
Changelog:
=========
Added
------
    Add support for arbitrary size integers (openembedded#548)

Fixed
---------
    CVE-2022-31116:
        Replace wchar_t string decoding implementation with a uint32_t-based one (openembedded#555)
        Fix handling of surrogates on decoding (openembedded#550)
    CVE-2022-31117: Potential double free of buffer during string decoding
    Fix memory leak on encoding errors when the buffer was resized (openembedded#549)
    Integer parsing: always detect overflows (openembedded#544)
    Fix handling of surrogates on encoding (openembedded#530)

Signed-off-by: Xu Huan <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@akuster akuster

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fwuehr95 @akuster