Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Patch errors #2125

Merged
merged 3 commits into from
Oct 12, 2021
Merged

Patch errors #2125

merged 3 commits into from
Oct 12, 2021

Commits on Oct 12, 2021

  1. Patch errors 

    ## Examine and fix ezxml errors

re: Issue Unidata#2119

Multiple security issues were found in ezxml (see above Issue).

* CVE-2021-31598
* CVE-2021-31348 / CVE-2021-31347
* CVE-2021-31229
* CVE-2021-30485
* CVE-2021-26222
* CVE-2021-26221
* CVE-2021-26220
* CVE-2019-20202
* CVE-2019-20201
* CVE-2019-20200
* CVE-2019-20199
* CVE-2019-20198
* CVE-2019-20007
* CVE-2019-20006
* CVE-2019-20005

In addition, moved ezxml to libdispatch.

## Examine and fix selected  oss-fuzz detected errors

Note that most of these errors are in the libsrc .m4 generated
code so fixing them is difficult. It would nice if we could tell
oss-fuzz to skip those files. They are old and crufty and
probably need a complete refactor.

Issue|Status
-----|------
35382|Fixed; old bug
35398|Closed by OSS-Fuzz
35442|Guarantee alloc > 0 or error; Old bug
35721|Assert failure; ok
35992|Fixed; old bug
36038|Fixed; old bug
36129|Unfixed; old bug
36229|Fixed by adding assert; old bug
37476|Unfixed; old bug
37824|Assert Failure; ok
38300|Closed by OSS-Fuzz
38537|Unfixed; old bug
38658|Unfixed; old bug
38699|Fixed maybe; old bug
38772|Nature of error is unclear, suspect that it results from using too large a type.
39248|Need more information
39394|Unfixed; old bug
    @DennisHeimbigner
    DennisHeimbigner committed Oct 12, 2021
    Configuration menu
    Copy the full SHA
    b5d4afd View commit details
    Browse the repository at this point in the history

  2. Update release notes

    @DennisHeimbigner
    DennisHeimbigner committed Oct 12, 2021
    Configuration menu
    Copy the full SHA
    bf59324 View commit details
    Browse the repository at this point in the history

  3. Fix memory leak

    @DennisHeimbigner
    DennisHeimbigner committed Oct 12, 2021
    Configuration menu
    Copy the full SHA
    8bbdee1 View commit details
    Browse the repository at this point in the history