dbus-broker: patch CVE-2022-31212 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Gyorgy Sarvari <skandigraun@gmail.com>	2025-12-25 13:51:39 +0100
committer	Gyorgy Sarvari <skandigraun@gmail.com>	2025-12-25 13:57:04 +0100
commit	9af2a4a468a601feb94f3f7aefa273e8e168c670 (patch)
tree	5a0842744ab0595492b9e6c7e56d7e8a2ea1f2b3 /meta-python/recipes-devtools/python/python3-gnupg_0.4.8.bb
parent	5b7d15db187f79e168a5f25cdb1f14dd967811f3 (diff)
download	meta-openembedded-9af2a4a468a601feb94f3f7aefa273e8e168c670.tar.gz

dbus-broker: patch CVE-2022-31212

Details: https://nvd.nist.gov/vuln/detail/CVE-2022-31212 A detailed writeup[1] is referenced by the nvd report, which describes that the vulnerability itself is not in the application, rather in a dependency of it, in c-shutil, which is pulled in as a submodule. Pick the patch from this submodule that fixes a stack overflow, and adds a test explictly verifying the described vulnerability. [1]: https://sec-consult.com/vulnerability-lab/advisory/memory-corruption-vulnerabilities-dbus-broker/ Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-gnupg_0.4.8.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: