git: libfetch: Fix buffer overflow (CVE-2020-7450)

Antonio Huete Jimenez tuxillo at crater.dragonflybsd.org
Wed Jan 29 09:06:30 PST 2020


commit 009414b92e8cc83dc5e26248d417bcbdde7408b1
Author: Antonio Huete Jimenez <tuxillo at quantumachine.net>
Date:   Wed Jan 29 17:52:50 2020 +0100

    libfetch: Fix buffer overflow (CVE-2020-7450)
    
      - A remote attacker, who can supply a malicious URL to the application
        that uses libfetch(3), can trigger memory corruption and execute arbitrary
        code on the target system.
      - FreeBSD-SA-20:01.libfetch
    
    Submitted-by: bapt, emaste

Summary of changes:
 lib/libfetch/fetch.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/009414b92e8cc83dc5e26248d417bcbdde7408b1


-- 
DragonFly BSD source repository


More information about the Commits mailing list