]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: d6479f5) | patch
perl: CVE-2018-12015
authorJagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Wed, 22 Aug 2018 12:00:32 +0000 (17:30 +0530)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 23 Aug 2018 06:45:32 +0000 (07:45 +0100)
commit037b205e89ae4c7d638a5c15d64f60e16facbaa2
treedc46c904398aaa033569fcdb130ea7edfe1ef75ctree | snapshot
parentd6479f5d2e6de17bac8662f5057d87176524c6facommit | diff
perl: CVE-2018-12015

Remove existing files before overwriting them

Archive should extract only the latest same-named entry.
Extracted regular file should not be writtent into existing block
device (or any other one).

https://rt.cpan.org/Ticket/Display.html?id=125523

Affects perl <= 5.26.2

Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/perl/perl/CVE-2018-12015.patch [new file with mode: 0644] blob
meta/recipes-devtools/perl/perl_5.24.4.bb diff | blob | history
Mirror of the official openembedded-core repository