]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 9175164) | patch
bash: fix CVE-2016-9401
authorLi Zhou <li.zhou@windriver.com>
Mon, 13 Feb 2017 02:53:24 +0000 (10:53 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 16 Feb 2017 04:06:32 +0000 (20:06 -0800)
commit6987b317d5ce8dc50a37ebba395aa8424bec358c
tree4abaebfc5c32013d63148d9caf8817f5e95be058tree | snapshot
parent9175164380b50852a21a05d4e81294394c5486f4commit | diff
bash: fix CVE-2016-9401

popd in bash might allow local users to bypass the restricted shell
and cause a use-after-free via a crafted address.

Porting patch from <https://ftp.gnu.org/pub/gnu/bash/bash-4.4-patches/
bash44-006> to solve CVE-2016-9401.

Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-extended/bash/bash/CVE-2016-9401.patch [new file with mode: 0644] blob
meta/recipes-extended/bash/bash_4.3.30.bb diff | blob | history
Mirror of the official openembedded-core repository