[PATCH 0/6] Resubmit series "zlib: Address CVE-2016-9841"
Christophe Leroy
christophe.leroy at csgroup.eu
Tue Jul 9 12:31:12 CEST 2024
This series reapplies the series that was merged by commit 4914263c9a14
("Merge patch series "zlib: Address CVE-2016-9841"") but then reverted
by commit bbacdd3ef776 ("Revert "Merge patch series "zlib: Address
CVE-2016-9841""") due to boot failure on powerpc/8xx platform induced
by the removal of the necessary optimatisation brought by
commit cd514aeb996e ("zlib: Optimize decompression").
In addition to the previous version, this series adds patch 3 to fix
inflate_fast() with post incremendation and removes the deletion of
commit cd514aeb996e ("zlib: Optimize decompression") by patch 4.
It also adds patch 5 which contains changes split out of patch 4 because
they are unrelated to the description of the patch.
CI passed on https://source.denx.de/u-boot/custodians/u-boot-mpc8xx/-/pipelines/21518
Christophe Leroy (1):
zlib: Fix inflate_fast() when POSTINC macro is set
Michal Simek (5):
zlib: Rename this variable to here (current decoding table entry)
zlib: Rename write variable to wnext (window write index)
zlib: Port fix for CVE-2016-9841 to U-Boot
zlib: Misc unrelated updates
zlib: Remove incorrect ZLIB_VERSION
include/u-boot/zlib.h | 16 ++---
lib/gzip.c | 2 +-
lib/zlib/deflate.c | 13 +---
lib/zlib/inffast.c | 147 +++++++++++++++++++-----------------------
lib/zlib/inflate.c | 31 ++++-----
lib/zlib/inflate.h | 2 +-
lib/zlib/zlib.h | 1 -
lib/zlib/zutil.c | 1 -
8 files changed, 90 insertions(+), 123 deletions(-)
--
2.44.0
More information about the U-Boot
mailing list