Question concerning CVE-2014-4715 #818
Labels
Comments
|
This was fixed at release The corresponding library |
|
thank you very much, yan. |
buildroot-auto-update
pushed a commit
to buildroot/buildroot
that referenced
this issue
Mar 28, 2020
CVE-2014-4715 is misclassified (by our CVE tracker) as affecting version 1.9.2, while in fact this issue has been fixed since lz4-r130: lz4/lz4@140e6e7 See lz4/lz4#818 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I am just looking into CVE-2014-4715 [1], specifically I am trying to verify if the issue is present since 2014.
the topic concerns of versions before 1.1.9. so i search the issues and release notes of v1.1.9.
but i can't find some references proving the CVE-2014-4715 be solved.
so please help me to check it, thanks very much.
[0] https://nvd.nist.gov/vuln/detail/CVE-2014-4715
The text was updated successfully, but these errors were encountered: