On Wed, Aug 24, 2022 at 9:34 PM Marta Rybczynska <rybczyn...@gmail.com> wrote: > > > > On Thu, Aug 25, 2022 at 9:25 AM ghassaneben <ghassan...@gmail.com> wrote: >> >> From: ghassaneben <ghassaneb.aat...@huawei.com> >> >> Increase the size of loop variables in the printf() implementation to avoid >> integer overflow on multi-gigabyte string arguments. CVE-2022-35737. This >> bug fix refers to: CVE-2022-35737 and it's a backport of a fix added in >> sqlite 3.39.2 (2022-07-21). >> Original commit: https://www.sqlite.org/src/info/aab790a16e1bdff7. >> > > Steve, > I'm adding it to your watch list. This is a CVE fix contrary to the "harmless > warnings" one of the commit messages is telling us.
Thanks! I'll update the short message to reflect this. Steve
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#169874): https://lists.openembedded.org/g/openembedded-core/message/169874 Mute This Topic: https://lists.openembedded.org/mt/93243836/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-