|
Fixes an overflow vulnerability causing applications which
pass long strings to the catopen function to crash or,
potentially execute arbitrary code.
(From OE-Core rev: af20e323932caba8883c91dac610e1ba2b3d4ab5)
Rferences:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8779
Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=17905
CVE assignment: http://seclists.org/oss-sec/2016/q1/153
Reference to the upstream fix:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=
0f58539030e436449f79189b6edab17d7479796e
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|