The readUvarint function would run infinitely given specific input. The function is now terminating if more than 10 bytes of input have been read. Fixes issue #35 (CVE-2020-16845).
Supports the check-ID None and fixes "Checksum None is invalid" issue #27.
How to install
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
This update has been submitted for testing by rathann.
This update's test gating status has been changed to 'ignored'.
This update's test gating status has been changed to 'waiting'.
rathann edited this update.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by bodhi.
This update has been pushed to stable.