diff options
author | Haris Okanovic <haris.okanovic@ni.com> | 2015-05-15 16:57:11 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-07-20 20:54:33 +0100 |
commit | 215c4d948df8d480179e842781158bcee216d9d3 (patch) | |
tree | 691363e2c8e32057835cf292a8246978d2d7958c /meta/recipes-core/glibc/glibc_2.20.bb | |
parent | 9ae261263a9cefc3eacc8dc53d023f207df6e890 (diff) | |
download | poky-215c4d948df8d480179e842781158bcee216d9d3.tar.gz |
glibc: CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow
Backport Arjun Shankar's patch for CVE-2015-1781:
A buffer overflow flaw was found in the way glibc's gethostbyname_r() and
other related functions computed the size of a buffer when passed a
misaligned buffer as input. An attacker able to make an application call
any of these functions with a misaligned buffer could use this flaw to
crash the application or, potentially, execute arbitrary code with the
permissions of the user running the application.
https://sourceware.org/bugzilla/show_bug.cgi?id=18287
(From OE-Core rev: c0f0b6e6ef1edc0a9f9e1ceffb1cdbbef2e409c6)
(From OE-Core rev: 96ff830b79c64d8f35c311b66906b492cbeeeb55)
Signed-off-by: Haris Okanovic <haris.okanovic@ni.com>
Reviewed-by: Ben Shelton <ben.shelton@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/glibc/glibc_2.20.bb')
-rw-r--r-- | meta/recipes-core/glibc/glibc_2.20.bb | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.20.bb b/meta/recipes-core/glibc/glibc_2.20.bb index 8a8b296def..a0736cdeec 100644 --- a/meta/recipes-core/glibc/glibc_2.20.bb +++ b/meta/recipes-core/glibc/glibc_2.20.bb | |||
@@ -40,6 +40,9 @@ EGLIBCPATCHES = "\ | |||
40 | # file://eglibc-install-pic-archives.patch \ | 40 | # file://eglibc-install-pic-archives.patch \ |
41 | # file://initgroups_keys.patch \ | 41 | # file://initgroups_keys.patch \ |
42 | # | 42 | # |
43 | CVEPATCHES = "\ | ||
44 | file://CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch \ | ||
45 | " | ||
43 | 46 | ||
44 | CVEPATCHES = "\ | 47 | CVEPATCHES = "\ |
45 | file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \ | 48 | file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \ |