]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 9b5e17b) | patch
tar: CVE-2016-6321
authorSona Sarmadi <sona.sarmadi@enea.com>
Fri, 24 Feb 2017 12:49:18 +0000 (13:49 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 18 May 2017 12:03:43 +0000 (13:03 +0100)
commit3dd835eb0cdd6f530aef5c870d06bc971eec7857
tree607c994c4fc7e266b0a1153ccd2bf2dc55aeb96ftree | snapshot
parent9b5e17b45ca5b2518f1f7c13bb2f79b5b669744fcommit | diff
tar: CVE-2016-6321

Skip members whose names contain "..".

Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6321

Upstream patch:
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f671

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit cfa2b5facd1aa6a2bac4cb04687e1a977c533934)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-extended/tar/tar/CVE-2016-6321.patch [new file with mode: 0644] blob
meta/recipes-extended/tar/tar_1.29.bb diff | blob | history
Mirror of the official openembedded-core repository