From: Michal Simek <michal.simek@amd.com>
To: <u-boot@lists.denx.de>, <git@xilinx.com>
Cc: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>,
Simon Glass <sjg@chromium.org>, Tom Rini <trini@konsulko.com>
Subject: [PATCH 0/4] zlib: Address CVE-2016-9841
Date: Wed, 27 Mar 2024 15:14:49 +0100 [thread overview]
Message-ID: <cover.1711548887.git.michal.simek@amd.com> (raw)
Hi,
it looks like that only CVE-2016-9841 is not fixed and this series is
trying to address it. The first two patches are just preparation based on
changes which happened in past. The third one is actual fix and the last
one is following what has been done in Linux kernel long time ago and don't
use incorrect zlib version string.
I tested it with and I can't see any issue.
./test/py/test.py --bd sandbox --build -s
And gitlab CI is also not showing any issue.
Thanks,
Michal
Michal Simek (4):
zlib: Rename this variable to here (current decoding table entry)
zlib: Rename write variable to wnext (window write index)
zlib: Port fix for CVE-2016-9841 to U-Boot
zlib: Remove incorrect ZLIB_VERSION
include/u-boot/zlib.h | 16 ++--
lib/gzip.c | 2 +-
lib/zlib/deflate.c | 13 +---
lib/zlib/inffast.c | 176 ++++++++++++++++--------------------------
lib/zlib/inflate.c | 31 ++++----
lib/zlib/inflate.h | 2 +-
lib/zlib/zutil.c | 1 -
7 files changed, 90 insertions(+), 151 deletions(-)
--
2.44.0
next reply other threads:[~2024-03-27 14:15 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-27 14:14 Michal Simek [this message]
2024-03-27 14:14 ` [PATCH 1/4] zlib: Rename this variable to here (current decoding table entry) Michal Simek
2024-03-27 14:14 ` [PATCH 2/4] zlib: Rename write variable to wnext (window write index) Michal Simek
2024-03-27 14:14 ` [PATCH 3/4] zlib: Port fix for CVE-2016-9841 to U-Boot Michal Simek
2024-03-27 14:14 ` [PATCH 4/4] zlib: Remove incorrect ZLIB_VERSION Michal Simek
2024-03-28 20:02 ` [PATCH 0/4] zlib: Address CVE-2016-9841 Tom Rini
2024-04-12 21:59 ` Tom Rini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1711548887.git.michal.simek@amd.com \
--to=michal.simek@amd.com \
--cc=git@xilinx.com \
--cc=oleksandr.suvorov@foundries.io \
--cc=sjg@chromium.org \
--cc=trini@konsulko.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox