ez-ipupdate: patch CVE-2003-0887 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Gyorgy Sarvari <skandigraun@gmail.com>	2026-02-06 09:20:45 +0100
committer	Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-09 09:35:53 +0530
commit	eb8e89e3b41bcb3ab39194f26a32a061d09fc7e6 (patch)
tree	1b1586013fb728b28f0ea23b69e8e45d4f0c0822 /meta-python/recipes-devtools/python/python3-backcall_0.2.0.bb
parent	14972f0f6a26369ab8981127b70b937aca6e6a75 (diff)
download	meta-openembedded-eb8e89e3b41bcb3ab39194f26a32a061d09fc7e6.tar.gz

ez-ipupdate: patch CVE-2003-0887

Details: https://nvd.nist.gov/vuln/detail/CVE-2003-0887 The vulnerability is about the default (example) configurations, which place cache files into the /tmp folder, that is world-writeable. The recommendation would be to place them to a more secure folder. The recipe however does not install these example configurations, and as such it is not vulnerable either. Just to make sure, patch these folders to a non-tmp folder (and also install that folder, empty). Some more discussion about the vulnerability: https://bugzilla.suse.com/show_bug.cgi?id=48161 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> (cherry picked from commit 0080dd79731efa1cca150730c5ac39bad82f7095) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-backcall_0.2.0.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: