diff options
| author | Armin Kuster <akuster@mvista.com> | 2016-02-06 15:14:44 -0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-02-07 17:23:04 +0000 |
| commit | b03994fe3b772205c389cfae2a3981a53b7e83d6 (patch) | |
| tree | 549273a6a8f5ff6c96c1f788aa7d388a559dcbe8 /meta/recipes-core/glibc/glibc_2.21.bb | |
| parent | ec05eebf8d4d025c5355260343e24043b616de6d (diff) | |
| download | ast2050-yocto-poky-b03994fe3b772205c389cfae2a3981a53b7e83d6.zip ast2050-yocto-poky-b03994fe3b772205c389cfae2a3981a53b7e83d6.tar.gz | |
glibc: CVE-2015-9761
A stack overflow vulnerability was found in nan* functions that could cause
applications which process long strings with the nan function to crash or,
potentially, execute arbitrary code.
(From OE-Core rev: fd3da8178c8c06b549dbc19ecec40e98ab934d49)
(From OE-Core rev: 6cb0465247195ec25ef1073e79997001380aa807)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/glibc/glibc_2.21.bb')
| -rw-r--r-- | meta/recipes-core/glibc/glibc_2.21.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.21.bb b/meta/recipes-core/glibc/glibc_2.21.bb index afe32d5..f712f18 100644 --- a/meta/recipes-core/glibc/glibc_2.21.bb +++ b/meta/recipes-core/glibc/glibc_2.21.bb @@ -50,6 +50,8 @@ CVEPATCHES = "\ file://CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch \ file://CVE-2015-8777.patch \ file://CVE-2015-8779.patch \ + file://CVE-2015-9761_1.patch \ + file://CVE-2015-9761_2.patch \ " LIC_FILES_CHKSUM = "file://LICENSES;md5=e9a558e243b36d3209f380deb394b213 \ |
