diff options
author | Kai Kang <kai.kang@windriver.com> | 2014-10-15 13:56:24 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-10-18 16:14:04 +0200 |
commit | bacc6575a933b5df4ca8fcb90a5ce2326013c7a3 (patch) | |
tree | 52a4afe1167b87dda66562c90f519806574e125a /meta/recipes-core/readline/readline_6.3.bb | |
parent | 7a9f5c9120d9330fae5f432630de120be11c28d9 (diff) | |
download | poky-bacc6575a933b5df4ca8fcb90a5ce2326013c7a3.tar.gz |
readline: Security Advisory - readline - CVE-2014-2524
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3
allows local users to create or overwrite arbitrary files via a symlink
attack on a /var/tmp/rltrace.[PID] file.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2524
(From OE-Core rev: 0e95eef8817f51504dcc50d855dcbef172cfc897)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/readline/readline_6.3.bb')
-rw-r--r-- | meta/recipes-core/readline/readline_6.3.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-core/readline/readline_6.3.bb b/meta/recipes-core/readline/readline_6.3.bb index aa30f668b4..f02f197d47 100644 --- a/meta/recipes-core/readline/readline_6.3.bb +++ b/meta/recipes-core/readline/readline_6.3.bb | |||
@@ -1,5 +1,7 @@ | |||
1 | require readline.inc | 1 | require readline.inc |
2 | 2 | ||
3 | SRC_URI += "file://readline63-003" | ||
4 | |||
3 | SRC_URI[archive.md5sum] = "33c8fb279e981274f485fd91da77e94a" | 5 | SRC_URI[archive.md5sum] = "33c8fb279e981274f485fd91da77e94a" |
4 | SRC_URI[archive.sha256sum] = "56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" | 6 | SRC_URI[archive.sha256sum] = "56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" |
5 | 7 | ||