diff options
| author | Armin Kuster <akuster@mvista.com> | 2016-02-06 15:14:43 -0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-02-07 17:23:03 +0000 |
| commit | ec05eebf8d4d025c5355260343e24043b616de6d (patch) | |
| tree | e3b8bdcce3d32c70fc0d245dffd48b7c18a85939 /meta/recipes-core/glibc/glibc_2.21.bb | |
| parent | 7ff74d177cc120c3f25370d1e6e9496ac09adbc4 (diff) | |
| download | ast2050-yocto-poky-ec05eebf8d4d025c5355260343e24043b616de6d.zip ast2050-yocto-poky-ec05eebf8d4d025c5355260343e24043b616de6d.tar.gz | |
glibc: CVE-2015-8779
A stack overflow vulnerability in the catopen function was found, causing
applications which pass long strings to the catopen function to crash or,
potentially execute arbitrary code.
(From OE-Core rev: af20e323932caba8883c91dac610e1ba2b3d4ab5)
(From OE-Core rev: 2e1c8cab3bc7b70e2a05dca20cb5bcec4335f04d)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/glibc/glibc_2.21.bb')
| -rw-r--r-- | meta/recipes-core/glibc/glibc_2.21.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.21.bb b/meta/recipes-core/glibc/glibc_2.21.bb index efbcc9c..afe32d5 100644 --- a/meta/recipes-core/glibc/glibc_2.21.bb +++ b/meta/recipes-core/glibc/glibc_2.21.bb @@ -49,6 +49,7 @@ EGLIBCPATCHES = "\ CVEPATCHES = "\ file://CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch \ file://CVE-2015-8777.patch \ + file://CVE-2015-8779.patch \ " LIC_FILES_CHKSUM = "file://LICENSES;md5=e9a558e243b36d3209f380deb394b213 \ |
