]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 42098fd) | patch
dhcp: fix CVE-2021-25217
authorMinjae Kim <flowergom@gmail.com>
Thu, 8 Jul 2021 13:22:40 +0000 (22:22 +0900)
committerSteve Sakoman <steve@sakoman.com>
Sun, 11 Jul 2021 16:19:43 +0000 (06:19 -1000)
commit58fa175702f0cd8f00dc5e7938fb55108921d324
tree6b71e32f85c6f389efe079ccc42890917fbda4d4tree | snapshot
parent42098fd740fe3de68a221fcc9c44ead545757461commit | diff
dhcp: fix CVE-2021-25217

A buffer overrun in lease file parsing code
can be used to exploit a common vulnerability shared by dhcpd and dhclient.

reference:
https://www.openwall.com/lists/oss-security/2021/05/26/6
https://kb.isc.org/docs/cve-2021-25217
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-connectivity/dhcp/dhcp/CVE-2021-25217.patch [new file with mode: 0644] blob
meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb diff | blob | history
Mirror of the official openembedded-core repository