shadow: whitelist CVE-2013-4235 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Purushottam Choudhary <Purushottam.Choudhary@kpit.com>	2021-03-03 16:20:38 +0530
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-03-18 21:20:24 +0000
commit	179fe25cb782e8a6ce2bb28bee8f680571967dcb (patch)
tree	0a9305cd1cf3feeba410a8cdac08813462cec782 /scripts/tiny/dirsize.py
parent	4c0dd7f81bef93576f996f64bfed00e894a1fff6 (diff)
download	poky-179fe25cb782e8a6ce2bb28bee8f680571967dcb.tar.gz

shadow: whitelist CVE-2013-4235

This CVE is about TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees which had very low severity problem and marked as closed and won't fix. Therefore whitelisted CVE-2013-4235. Master, gatesgarth and dunfell all have shadow version 4.81. Hence, this is applicable for master, gatesgarth and dunfell. Link: https://bugzilla.redhat.com/show_bug.cgi?id=884658 (From OE-Core rev: 8836a56a9f17f238908b7d0e286a6d386f7be290) Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b1c6cd87bee6b019619dc5728fd6c36bc87ed696) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/tiny/dirsize.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: