git: DragonFly_RELEASE_5_6 libfetch: Fix buffer overflow (CVE-2020-7450)

Antonio Huete Jimenez tuxillo at crater.dragonflybsd.org
Wed Jan 29 09:16:38 PST 2020


commit fd17ab246da5e83c006c3dcc23bee06babb9b6e2
Author: Antonio Huete Jimenez <tuxillo at quantumachine.net>
Date:   Wed Jan 29 17:52:50 2020 +0100

    libfetch: Fix buffer overflow (CVE-2020-7450)
    
      - A remote attacker, who can supply a malicious URL to the application
        that uses libfetch(3), can trigger memory corruption and execute arbitrary
        code on the target system.
      - FreeBSD-SA-20:01.libfetch
    
    Submitted-by: bapt, emaste

Summary of changes:
 lib/libfetch/fetch.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fd17ab246da5e83c006c3dcc23bee06babb9b6e2


-- 
DragonFly BSD source repository



More information about the Commits mailing list