3165efcfc2
This patch updates the miniLZO library to a newer version, which among other things fixes "CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow" that is present in the current used in GRUB. It also updates the "GRUB Developers Manual", to mention that the library is used and describes the process to update it to a newer release when needed. Resolves: http://savannah.gnu.org/bugs/?42635 Signed-off-by: Peter Jones <pjones@redhat.com> Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
||
---|---|---|
.. | ||
lzoconf.h | ||
lzodefs.h | ||
minilzo.c | ||
minilzo.h |