diff options
| author | dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 2021-03-25 07:05:38 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-03-25 07:05:38 +0000 |
| commit | 9a899da16080df0354e65decfc06dddeefa7920d (patch) | |
| tree | 0fa432fa10ef1fe8708f493a60cc6616b14cb92f /vendor/github.com/ulikunitz/xz/TODO.md | |
| parent | e523d09638b05edfd51538ac5786f00793e396ee (diff) | |
| download | podman-9a899da16080df0354e65decfc06dddeefa7920d.tar.gz podman-9a899da16080df0354e65decfc06dddeefa7920d.tar.bz2 podman-9a899da16080df0354e65decfc06dddeefa7920d.zip | |
Bump github.com/containers/storage from 1.28.0 to 1.28.1
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.28.0 to 1.28.1.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.28.0...v1.28.1)
Signed-off-by: dependabot[bot] <support@github.com>
Diffstat (limited to 'vendor/github.com/ulikunitz/xz/TODO.md')
| -rw-r--r-- | vendor/github.com/ulikunitz/xz/TODO.md | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/vendor/github.com/ulikunitz/xz/TODO.md b/vendor/github.com/ulikunitz/xz/TODO.md index 88c7341c8..594e0c7fe 100644 --- a/vendor/github.com/ulikunitz/xz/TODO.md +++ b/vendor/github.com/ulikunitz/xz/TODO.md @@ -86,6 +86,14 @@ ## Log +### 2021-02-02 + +Mituo Heijo has fuzzed xz and found a bug in the function readIndexBody. The +function allocated a slice of records immediately after reading the value +without further checks. Since the number has been too large the make function +did panic. The fix is to check the number against the expected number of records +before allocating the records. + ### 2020-12-17 Release v0.5.9 fixes warnings, a typo and adds SECURITY.md. |