Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | libtirpc: upgrade to 1.0.2 | Maxin B. John | 2018-03-15 | 1 | -276/+0 |
| | | | | | | | | | | | | | | | 1.0.1 -> 1.0.2 Remove these Backported and upstreamed patches: 1. 0001-Fix-for-CVE-2017-8779.patch 2. libtirpc-0.2.1-fortify.patch 3. libtirpc-1.0.2-rc3.patc (From OE-Core rev: 4586a66aa3f9992f54839c2920c3d51e95040a1b) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | ||||
* | libtirpc: Fix CVE-2017-8779 | Fan Xin | 2018-03-15 | 1 | -0/+276 |
This vulnerability is also called "rpcbomb". Backport upstream patch to fix this vulnerability. CVE: CVE-2017-8779 (From OE-Core rev: bb6af5f0dbb39553654ba3a587c8078bb635da6f) Signed-off-by: Fan Xin<fan.xin@jp.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> |