mirror of
https://git.busybox.net/buildroot.git
synced 2024-11-23 21:43:30 +08:00
74ed1b5ca0
Fix CVE-2021-24032: Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties. https://github.com/facebook/zstd/releases/tag/v1.4.9 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| Config.in.host | ||
| zstd.hash | ||
| zstd.mk | ||