xz: fix CVE-2022-1271 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Ralph Siemsen <ralph.siemsen@linaro.org>	2022-04-08 22:16:33 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-04-10 08:31:17 +0100
commit	30eb28dd02920f166d2deaf5114a8e810c42b948 (patch)
tree	e7b6b09871d972e788f891f299b1c5be9f4ad929 /meta/recipes-core
parent	89efab2850766378d89579c094670357775b69b6 (diff)
download	poky-30eb28dd02920f166d2deaf5114a8e810c42b948.tar.gz

xz: fix CVE-2022-1271

Malicious filenames can make xzgrep to write to arbitrary files or (with a GNU sed extension) lead to arbitrary code execution. Upstream-Status: Backport [https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch] CVE: CVE-2022-1271 (From OE-Core rev: 97bf86ccde4417daec8ef3945071a50a09134bc6) Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-core')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: