]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: bf986b5) | patch
cpio: fix CVE-2015-1197
authorRobert Yang <liezhi.yang@windriver.com>
Thu, 26 Mar 2015 09:18:09 +0000 (02:18 -0700)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 31 Mar 2015 21:21:41 +0000 (22:21 +0100)
commit87d8c11e7504210e377cb6201e672d32048e000c
tree15f5526dcd4a84be8d1b9a92afda3ccb05fc9c98tree | snapshot
parentbf986b527038821b49c81c4b9abc10e2dff32c38commit | diff
cpio: fix CVE-2015-1197

Additional directory traversal vulnerability via symlinks
cpio CVE-2015-1197

Initial report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774669
Upstream report:
https://lists.gnu.org/archive/html/bug-cpio/2015-01/msg00000.html

And fix the indent in SRC_URI.

[YOCTO #7182]

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-extended/cpio/cpio-2.11/cpio-CVE-2015-1197.patch [new file with mode: 0644] blob
meta/recipes-extended/cpio/cpio_2.11.bb diff | blob | history
Mirror of the official openembedded-core repository