* The new security fix in 6.4.20 for CVE-2021-36386 caused truncation of messages logged to buffered outputs, predominantly --logfile.
This also caused lines in the logfile to run into one another because the fragment containing the '\n' line-end character was usually lost. Reason is that on all modern systems (with <stdarg.h> header and vsnprintf() interface), the length of log message fragments was added up twice, so that these ended too deep into a freshly allocated buffer, after the '\0' byte. Unbuffered outputs flushed the fragments right away, which masked the bug. Signed-off-by: Wang Mingyu <wan...@fujitsu.com> --- .../fetchmail/{fetchmail_6.4.20.bb => fetchmail_6.4.21.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/fetchmail/{fetchmail_6.4.20.bb => fetchmail_6.4.21.bb} (91%) diff --git a/meta-networking/recipes-support/fetchmail/fetchmail_6.4.20.bb b/meta-networking/recipes-support/fetchmail/fetchmail_6.4.21.bb similarity index 91% rename from meta-networking/recipes-support/fetchmail/fetchmail_6.4.20.bb rename to meta-networking/recipes-support/fetchmail/fetchmail_6.4.21.bb index 13d91b4d52..33a05ed61a 100644 --- a/meta-networking/recipes-support/fetchmail/fetchmail_6.4.20.bb +++ b/meta-networking/recipes-support/fetchmail/fetchmail_6.4.21.bb @@ -12,7 +12,7 @@ DEPENDS = "openssl" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "c82141ae2e8f0039ceb0c5c2eda43c5e93ad0bf7f9c6bb628092b3be74386176" +SRC_URI[sha256sum] = "6a459c1cafd7a1daa5cd137140da60c18c84b5699cd8e7249a79c33342c99d1d" inherit autotools gettext python3-dir python3native -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92656): https://lists.openembedded.org/g/openembedded-devel/message/92656 Mute This Topic: https://lists.openembedded.org/mt/84988274/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-