]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 4de3daa) | patch
glibc: Security fix CVE-2017-15670
authorArmin Kuster <akuster@mvista.com>
Thu, 23 Nov 2017 04:11:31 +0000 (20:11 -0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 25 Jan 2018 11:36:05 +0000 (11:36 +0000)
commita29cb640e3c0ca77ea232b89b89900cb55fa727c
treec7acfbe6100444559f1a7e6531aa747f64a155e9tree | snapshot
parent4de3daa129414d79e4a2a3d5f8da32e3b5b937c6commit | diff
glibc: Security fix CVE-2017-15670

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.

Affects: glibc < 2.27

v2]
capitlize "signed-off-by" in patch

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-core/glibc/glibc/CVE-2017-15670.patch [new file with mode: 0644] blob
meta/recipes-core/glibc/glibc_2.26.bb diff | blob | history
Mirror of the official openembedded-core repository