xinetd: CVE-2013-4342 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Li Wang <li.wang@windriver.com>	2013-12-05 17:52:17 -0600
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-02-09 11:04:14 +0000
commit	a64da6a9b3321fb722241294343a5aa41bc6658e (patch)
tree	fc942a2071d2c99c324e086174bbb82133b998d8 /meta/recipes-bsp
parent	f2921bdf511ec6f6e95e84c8138518009d374ccf (diff)
download	poky-a64da6a9b3321fb722241294343a5aa41bc6658e.tar.gz

xinetd: CVE-2013-4342

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342 the patch come from: https://bugzilla.redhat.com/attachment.cgi?id=799732&action=diff (From OE-Core master rev: c6ccb09cee54a7b9d953f58fbb8849fd7d7de6a9) (From OE-Core rev: 478b7f533c6664f1e4cab9950f257d927d32bb28) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-bsp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: