a9fd428c61
Security patch have been fetched from the Nixpkgs [1].
Fixes the following CVE:
- CVE-2025-48060: jq is a command-line JSON processor. In versions up to
and including 1.7.1, a heap-buffer-overflow is present in function
in the jq_fuzz_execute harness from oss-fuzz. This
crash happens on file jv.c, line 1456 . As of
time of publication, no patched versions are available.
For more information, see:
- https://nvd.nist.gov/vuln/detail/CVE-2025-48060
[1] df21c79bfb/pkgs/by-name/jq/jq/0005-Fix-heap-buffer-overflow-when-formatting-an-empty-st.patch
Signed-off-by: Yuce Kurum <yuce.kurum@mind.be>
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation. The documentation can be found in docs/manual. You can generate a text document with 'make manual-text' and read output/docs/manual/manual.text. Online documentation can be found at http://buildroot.org/docs.html To build and use the buildroot stuff, do the following: 1) run 'make menuconfig' 2) select the target architecture and the packages you wish to compile 3) run 'make' 4) wait while it compiles 5) find the kernel, bootloader, root filesystem, etc. in output/images You do not need to be root to build or run buildroot. Have fun! Buildroot comes with a basic configuration for a number of boards. Run 'make list-defconfigs' to view the list of provided configurations. Please feed suggestions, bug reports, insults, and bribes back to the buildroot mailing list: buildroot@buildroot.org You can also find us on #buildroot on OFTC IRC. If you would like to contribute patches, please read https://buildroot.org/manual.html#submitting-patches