diff options
author | Armin Kuster <akuster@mvista.com> | 2016-02-28 10:53:33 -0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-03-21 15:48:21 +0000 |
commit | 01e9f306e0af4ea2d9fe611c1592b0f19d83f487 (patch) | |
tree | fb7a3c56b7d58797027f8cde7f2fad9f433f4db1 /meta/recipes-core/glibc/glibc_2.20.bb | |
parent | bb6ce1334bfb3711428b4b82bca4c0d5339ee2f8 (diff) | |
download | openembedded-core-01e9f306e0af4ea2d9fe611c1592b0f19d83f487.tar.gz openembedded-core-01e9f306e0af4ea2d9fe611c1592b0f19d83f487.tar.bz2 openembedded-core-01e9f306e0af4ea2d9fe611c1592b0f19d83f487.zip |
glibc: CVE-2015-8779
A stack overflow vulnerability in the catopen function was found, causing
applications which pass long strings to the catopen function to crash or,
potentially execute arbitrary code.
(From OE-Core rev: af20e323932caba8883c91dac610e1ba2b3d4ab5)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/glibc/glibc_2.20.bb')
-rw-r--r-- | meta/recipes-core/glibc/glibc_2.20.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.20.bb b/meta/recipes-core/glibc/glibc_2.20.bb index 5e03570cf3..af568d9f4c 100644 --- a/meta/recipes-core/glibc/glibc_2.20.bb +++ b/meta/recipes-core/glibc/glibc_2.20.bb @@ -49,6 +49,7 @@ CVEPATCHES = "\ file://CVE-2015-1472-wscanf-allocates-too-little-memory.patch \ file://CVE-2015-7547.patch \ file://CVE-2015-8777.patch \ + file://CVE-2015-8779.patch \ " LIC_FILES_CHKSUM = "file://LICENSES;md5=e9a558e243b36d3209f380deb394b213 \ |