summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core
Commit message (Collapse)AuthorAgeFilesLines
* eglibc: CVE-2015-7547Sona Sarmadi2016-03-012-0/+598
| | | | | | | | | | | | | Fixes getaddrinfo stack-based buffer overflow References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547 https://sourceware.org/bugzilla/show_bug.cgi?id=18665 https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html https://sourceware.org/ml/libc-alpha/2016-02/msg00418.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* coreutils: parse-datetime: CVE-2014-9471Sona Sarmadi2015-07-062-0/+41
| | | | | | | | | Memory corruption flaw in parse_datetime() Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9471 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* eglibc: CVE-2014-9402 denial of service in getnetbynameSona Sarmadi2015-07-062-0/+29
| | | | | | | | | | | | | | | | | | | | getnetbyname function in eglibc 2.21 and earlier will enter an infinite loop if the DNS backend is activated in the system Name Service Switch configuration, and the DNS resolver receives a positive answer while processing the networkname. Reference https://sourceware.org/bugzilla/show_bug.cgi?id=17630 Changes in the NEWS and ChangeLog files from the original upstream commit have been ignored Upstream commit that fixes this issue: https://sourceware.org/git/gitweb.cgi?p=glibc.git; h=11e3417af6e354f1942c68a271ae51e892b2814d Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* eglibc: CVE-2012-3406 Stack overflow in vfprintfSona Sarmadi2015-07-062-0/+274
| | | | | | | | | | | | | | printf() unbound alloca() usage in case of positional parameters + many format specs Changes in the NEWS and ChangeLog files from the original upstream commit have been ignored References http://www.openwall.com/lists/oss-security/2012/07/11/5 https://sourceware.org/bugzilla/show_bug.cgi?id=16617 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* eglibc: CVE-2014-7817 wordexp fails to honour WRDE_NOCMDSona Sarmadi2015-07-062-0/+165
| | | | | | | | | | | | Command execution in wordexp() with WRDE_NOCMD specified Changes in the NEWS and ChangeLog files from the original upstream commit have been ignored Reference https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* eglibc: CVE-2014-5119 fixArmin Kuster2015-07-062-0/+241
| | | | | | | | | | | | | | | __gconv_translit_find: Disable function [BZ #17187] This functionality has never worked correctly, and the implementation contained a security vulnerability (CVE-2014-5119). (From OE-Core rev: 3f0a4551969798803e019435f1f4b5e8f88bea1a) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* initial commit for Enea Linux 4.0Adrian Dudau2014-06-26442-0/+48288
Migrated from the internal git server on the daisy-enea branch Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-09 12:55:38 +0000