On Fri, Oct 18, 2019 at 02:45:13PM +0200, Javier Martinez Canillas wrote: > From: Peter Jones <pjo...@redhat.com> > > This fixes CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow > > Resolves: http://savannah.gnu.org/bugs/?42635
OK but I would like to know how did you come up with that patch. Please describe the process in docs/grub-dev.texi. Good example is in commit 35b909062 (gnulib: Upgrade Gnulib and switch to bootstrap tool). You can also look at commit 461f1d8af (zstd: Import upstream zstd-1.3.6). Daniel _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
