summaryrefslogtreecommitdiffstats
path: root/meta/classes/nativesdk.bbclass
diff options
context:
space:
mode:
authorZhixiong Chi <zhixiong.chi@windriver.com>2017-04-20 15:04:54 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-08-29 16:50:53 +0100
commita5dfa90ea81e9d1868524ae9a4bfea752691568d (patch)
tree8d6afffcbe2ee2a33efc743829ca4a6b3a772b70 /meta/classes/nativesdk.bbclass
parentbd631d76b8e14a2a1ecb5d5c2cf78ddbc085f63d (diff)
downloadpoky-a5dfa90ea81e9d1868524ae9a4bfea752691568d.tar.gz
bash: CVE-2016-0634
A vulnerability was found in a way bash expands the $HOSTNAME. Injecting the hostname with malicious code would cause it to run each time bash expanded \h in the prompt string. Porting patch from <https://ftp.gnu.org/gnu/bash/bash-4.3-patches/ bash43-047> to solve CVE-2016-0634 CVE: CVE-2016-0634 (From OE-Core rev: 7dd6aa1a4bf6e9fc8a1998cda6ac5397bb5cd5cb) (From OE-Core rev: a4b37b05140b549960baef49237ce3316e84a041) (From OE-Core rev: a75c9657f785be3b2d14b10a7044105329c88e8a) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes/nativesdk.bbclass')
0 files changed, 0 insertions, 0 deletions