logrotate: fix for CVE-2011-1548 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Wenzong Fan <wenzong.fan@windriver.com>	2013-06-17 22:28:50 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2013-07-09 10:53:55 +0100
commit	6dc7ac5431f698f5363efe7437723ce146d39640 (patch)
tree	1414965b2025c5c917e36b7277d3da9e5965a786 /meta/recipes-multimedia/gstreamer/gst-plugins-bad_0.10.23.bb
parent	2ef0e6a35f85ee7be0e78265d0e601622598f865 (diff)
download	poky-6dc7ac5431f698f5363efe7437723ce146d39640.tar.gz

logrotate: fix for CVE-2011-1548

If a logfile is a symlink, it may be read when being compressed, being copied (copy, copytruncate) or mailed. Secure data (eg. password files) may be exposed. Portback nofollow.patch from: http://logrotate.sourcearchive.com/downloads/3.8.1-5/logrotate_3.8.1-5.debian.tar.gz (From OE-Core master rev: d0e3fc1b28fc16200adbe690aa27124041036ba3) (From OE-Core rev: 247157849f41f2d386b102a4b3d81fd11e8f3ac0) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-multimedia/gstreamer/gst-plugins-bad_0.10.23.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: