diff options
| author | Divya Chellam <divya.chellam@windriver.com> | 2025-05-30 17:22:09 +0530 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2025-07-10 10:47:31 +0100 |
| commit | 58238ee55c9e6aff8ad811a4d6bcbe7a83a3d733 (patch) | |
| tree | f4f6e7b31f50e07fd2f1a4e75407d6bd197bebeb /meta/recipes-devtools/python/python3-mako_1.3.3.bb | |
| parent | ffe1dcbdcadc4566b11e184d5fcbeed81579bc78 (diff) | |
| download | poky-master.tar.gz | |
This includes CVE-fix for CVE-2025-46805, CVE-2025-46804,
CVE-2025-46803, CVE-2025-46802 and CVE-2025-23395.
Changelog:
=========
https://cgit.git.savannah.gnu.org/cgit/screen.git/tree/src/ChangeLog?h=v.5.0.1
* Fixes:
- CVE-2025-46805: do NOT send signals with root privileges
- CVE-2025-46804: avoid file existence test information leaks
- CVE-2025-46803: apply safe PTY default mode of 0620
- CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
- CVE-2025-23395: reintroduce lf_secreopen() for logfile
- buffer overflow due bad strncpy()
- uninitialized variables warnings
- typos
- combining char handling that could lead to a segfault
(From OE-Core rev: 9e608022b287bfdb4f547f5e2d418536758bc82f)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/python/python3-mako_1.3.3.bb')
0 files changed, 0 insertions, 0 deletions