xz: fix CVE-2022-1271 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Ralph Siemsen <ralph.siemsen@linaro.org>	2022-04-08 22:17:15 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-04-21 21:26:01 +0100
commit	62aefd3864e289c4ab71c80c4b27de93d184241a (patch)
tree	2fd7774f89e555fd1fd3d57ee7f363c5d36f06f3 /meta/recipes-devtools/git/git.inc
parent	f36e87ec4f6e2d45533001b8c4b39d72501a3b5e (diff)
download	poky-62aefd3864e289c4ab71c80c4b27de93d184241a.tar.gz

xz: fix CVE-2022-1271

Malicious filenames can make xzgrep to write to arbitrary files or (with a GNU sed extension) lead to arbitrary code execution. Upstream-Status: Backport [https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch] CVE: CVE-2022-1271 (From OE-Core rev: da4180062f12aa855a0dd2c0dbe4f0721df67055) Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-devtools/git/git.inc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: