mirror of
https://github.com/openwrt/packages.git
synced 2025-07-22 08:49:19 +00:00
4a94479f96
Required changes: * Add qualifying '.' to scripts or to @INC, as appropriate since we're enabling default_inc_excludes_dot; * Add new platform/library definitions like double-double format and locale library functions/headers; * Delete patch 020 as it's been upstreamed; Optional changes: * Instead of using -@rm and having that fail, emit an error message, and be ignored, just use @rm -f instead which will always succeed. Security [CVE-2017-12837] Heap buffer overflow in regular expression compiler Compiling certain regular expression patterns with the case-insensitive modifier could cause a heap buffer overflow and crash perl. This has now been fixed. [perl #131582] [CVE-2017-12883] Buffer over-read in regular expression parser For certain types of syntax error in a regular expression pattern, the error message could either contain the contents of a random, possibly large, chunk of memory, or could crash perl. This has now been fixed. [perl #131598] [CVE-2017-12814] $ENV{$key} stack buffer overflow on Windows A possible stack buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway. [perl #131665] Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
897 B
897 B