[Android-tools-devel] Bug#892318: android-tools-fsutils: img2simg use after free
root
microrffr at gmail.com
Thu Mar 8 09:05:38 UTC 2018
Package: android-tools-fsutils
Version: 5.1.1.r38-1.1
Severity: important
Tags: patch
Dear Maintainer,
The version of img2simg in the android-tools-fsutils package has a use-after-free bug
as described and fixed in this commit:
https://android.googlesource.com/platform/system/core/+/c227a1d855cb6ab86d4927c0231cd8d3afbc957d%5E%21/#F0
Due to this, I've encountered situations where img2simg outputs wrong results.
There's a fixed version of img2simg already distributed in the img2simg binary
package, from the android-platform-system-core source package.
-- System Information:
Debian Release: buster/sid
APT prefers testing-debug
APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968), LANGUAGE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect
Versions of packages android-tools-fsutils depends on:
ii libc6 2.27-1
ii libpcre3 2:8.39-9
ii python 2.7.14-4
ii zlib1g 1:1.2.8.dfsg-5
android-tools-fsutils recommends no packages.
android-tools-fsutils suggests no packages.
-- no debconf information
More information about the Android-tools-devel
mailing list