f9f70ac04311c92ebf7187945f28a0c5df2d0326 - third_party/overlays/portage-stable

commit	f9f70ac04311c92ebf7187945f28a0c5df2d0326	[log] [tgz]
author	Oleksandr Tymoshenko <ovt@google.com>	Tue Oct 05 23:16:44 2021 +0000
committer	Oleksandr Tymoshenko <ovt@google.com>	Tue Oct 12 04:29:25 2021 +0000
tree	61777a8a0755f6ac5b9e88f680c309e944e458bb
parent	a946cb34ac329f1e21b15711eb22faa95b8d4120 [diff]

LAKITU: Backport fix for CVE-2021-39537 from ncurses 6.2

Backport fix for heap-based stack overflow in _nc_captoinfo
from the upstream commit 790a85db ("ncurses 6.2 - patch 20200531")

BUG=b/202124389
TEST=presubmit
RELEASE_NOTE=Fixed CVE-2021-39537 in ncurses package

Change-Id: Id1f905f7d9291d8fc16461fd3be62900c3f4e799
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/23414
Reviewed-by: Vaibhav Rustagi <vaibhavrustagi@google.com>
Reviewed-by: Robert Kolchmeyer <rkolchmeyer@google.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>

sys-libs/ncurses/files/ncurses-6.2-fix-cve-2021-39537.patch[Added - diff]
sys-libs/ncurses/ncurses-6.2-r2.ebuild[Renamed from sys-libs/ncurses/ncurses-6.2-r1.ebuild - diff]

2 files changed

tree: 61777a8a0755f6ac5b9e88f680c309e944e458bb