openembedded-core.git - Mirror of openembedded-core

diff options

author	Maxin B. John <maxin.john@enea.com>	2015-01-07 13:11:43 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2015-02-11 17:39:47 +0000
commit	54debe63cbd38dba56895541c434f895e158f70b (patch)
tree	e3ca8722c8470d6d33d8aeb9fd93f25c2e1978f4 /scripts/lib/image
parent	965943176c580b7943bb4d94efd58b8818c04919 (diff)
download	openembedded-core-54debe63cbd38dba56895541c434f895e158f70b.tar.gz openembedded-core-54debe63cbd38dba56895541c434f895e158f70b.tar.bz2 openembedded-core-54debe63cbd38dba56895541c434f895e158f70b.zip

coreutils: Fix CVE-2014-9471

Fiedler Roman discovered that coreutils' parse_datetime() function has some flaws that may be exploitable if the date(1), touch(1), or potentially other programs, accept untrusted input for certain parameters. While researching this issue, he discovered that it was independently discovered by Bertrand Jacquin and reported at http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16872 $ touch '--date=TZ="123"345" @1' *** Error in `touch': free(): invalid pointer: 0x00007fffd33e55e0 *** Aborted $ date '--date=TZ="123"345" @1' date[394]: segfault at 7fff24000000 ip 00007f6dd5b73404 sp 00007fff27cce8f8 error 4 in libc-2.20.so[7f6dd5af7000+199000] Segmentation fault Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'scripts/lib/image')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: