| Roland Shoemaker | a3a17c9 | 2021-04-14 12:59:24 -0700 | [diff] [blame] | 1 | module: github.com/cloudflare/golz4 |
| 2 | versions: |
| Roland Shoemaker | 24a7677 | 2021-04-19 20:07:53 -0700 | [diff] [blame] | 3 | - fixed: v0.0.0-20140711154735-199f5f787806 |
| Roland Shoemaker | a3a17c9 | 2021-04-14 12:59:24 -0700 | [diff] [blame] | 4 | description: | |
| Roland Shoemaker | 24a7677 | 2021-04-19 20:07:53 -0700 | [diff] [blame] | 5 | LZ4 bindings use a deprecated C API that is vulnerable to |
| 6 | memory corruption, which could lead to arbitrary code execution |
| 7 | if called with untrusted user input. |
| Roland Shoemaker | a3a17c9 | 2021-04-14 12:59:24 -0700 | [diff] [blame] | 8 | published: 2021-04-14T12:00:00Z |
| Roland Shoemaker | 24a7677 | 2021-04-19 20:07:53 -0700 | [diff] [blame] | 9 | credit: Yann Collet |
| Roland Shoemaker | a3a17c9 | 2021-04-14 12:59:24 -0700 | [diff] [blame] | 10 | symbols: |
| Roland Shoemaker | 24a7677 | 2021-04-19 20:07:53 -0700 | [diff] [blame] | 11 | - Uncompress |
| Roland Shoemaker | a3a17c9 | 2021-04-14 12:59:24 -0700 | [diff] [blame] | 12 | links: |
| 13 | commit: https://github.com/cloudflare/golz4/commit/199f5f7878062ca17a98e079f2dbe1205e2ed898 |
| 14 | context: |
| Roland Shoemaker | 24a7677 | 2021-04-19 20:07:53 -0700 | [diff] [blame] | 15 | - https://github.com/cloudflare/golz4/issues/5 |
