8000 chore: cherry-pick 406ae3e8a9a8 from chromium by ppontes · Pull Request #28814 · electron/electron · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

chore: cherry-pick 406ae3e8a9a8 from chromium #28814

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Apr 27, 2021
Merged

chore: cherry-pick 406ae3e8a9a8 from chromium #28814

merged 5 commits into from
Apr 27, 2021

Conversation

ppontes
Copy link
Member
@ppontes ppontes commented Apr 23, 2021
edited
Loading

M86-LTS: Mojo: Properly validate broadcast events

This corrects broadcast event deserialization by adding a missing
validation step when decoding the outer message header.

(cherry picked from commit 6740adb28374ddeee13febfd5e5d20cb8a365979)

Fixed: 1195308
Change-Id: Ia67a20e48614e7ef00b1b32f7f4e5f20235be310
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2808678
Reviewed-by: Daniel Cheng dcheng@chromium.org
Commit-Queue: Ken Rockot rockot@google.com
Cr-Original-Commit-Position: refs/heads/master@{#870238}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2837712
Owners-Override: Achuith Bhandarkar achuith@chromium.org
Auto-Submit: Achuith Bhandarkar achuith@chromium.org
Reviewed-by: Artem Sumaneev asumaneev@google.com
Commit-Queue: Achuith Bhandarkar achuith@chromium.org
Cr-Commit-Position: refs/branch-heads/4240@{#1614}
Cr-Branched-From: f297677702651916bbf65e59c0d4bbd4ce57d1ee-refs/heads/master@{#800218}

Notes: Security: backported fix to CVE-2021-21223.

@ppontes ppontes requested a review from a team as a code owner April 23, 2021 20:06
@ppontes ppontes added 10-x-y backport-check-skip Skip trop's backport validity checking semver/patch backwards-compatible bug fixes labels Apr 23, 2021
@electron-cation electron-cation bot added new-pr 🌱 PR opened recently and removed new-pr 🌱 PR opened recently labels Apr 23, 2021
@zcbenz zcbenz merged commit c977494 into 10-x-y Apr 27, 2021
@release-clerk
Copy link
release-clerk bot commented Apr 27, 2021

Release Notes Persisted

Security: backported fix to CVE-2021-21223.

@zcbenz zcbenz deleted the cherry-pick/10-x-y/chromium/406ae3e8a9a8 branch April 27, 2021 01:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nornagon nornagon nornagon approved these changes

@zcbenz zcbenz zcbenz approved these changes

Assignees
No one assigned
Labels
10-x-y backport-check-skip Skip trop's backport validity checking semver/patch backwards-compatible bug fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@ppontes @nornagon @zcbenz @electron-bot @codebytere @jkleinsc
0