minilzo: Update to minilzo-2.08

Browse source

This patch updates the miniLZO library to a newer version, which among other
things fixes "CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow"
that is present in the current used in GRUB.

It also updates the "GRUB Developers Manual", to mention that the library is
used and describes the process to update it to a newer release when needed.

Resolves: http://savannah.gnu.org/bugs/?42635

Signed-off-by: Peter Jones <pjones@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

...

This commit is contained in:

Peter Jones 2020-01-20 15:07:49 +01:00 • committed by Daniel Kiper

parent 598de14d93

commit 3165efcfc2

5 changed files with 4769 additions and 2129 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download patch file Download diff file Expand all files Collapse all files

2582

grub-core/lib/minilzo/lzodefs.h

View file

File diff suppressed because it is too large Load diff