| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
printf() unbound alloca() usage in case of positional
parameters + many format specs
Changes in the NEWS and ChangeLog files from the original upstream
commit have been ignored
References
http://www.openwall.com/lists/oss-security/2012/07/11/5
https://sourceware.org/bugzilla/show_bug.cgi?id=16617
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Command execution in wordexp() with WRDE_NOCMD specified
Changes in the NEWS and ChangeLog files from the original upstream
commit have been ignored
Reference
https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
__gconv_translit_find: Disable function [BZ #17187]
This functionality has never worked correctly, and the implementation
contained a security vulnerability (CVE-2014-5119).
(From OE-Core rev: 3f0a4551969798803e019435f1f4b5e8f88bea1a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
Migrated from the internal git server on the daisy-enea branch
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|