code.ossystems Code Review - openembedded-core.git/commit
readline: Security Advisory - readline - CVE-2014-2524
author Kai Kang <kai.kang@windriver.com>
Wed, 15 Oct 2014 05:56:24 +0000 (13:56 +0800)
committer Richard Purdie <richard.purdie@linuxfoundation.org>
Thu, 23 Oct 2014 15:11:50 +0000 (16:11 +0100)
commit a4fa519de008ccd5b9411fcb1880e0a64383ce9c
tree eeceaca3846641c017651285befcfa4f096bd3fd
parent 5163eb2c3c492d3640aa0628c29f6b8d446a8261
readline: Security Advisory - readline - CVE-2014-2524

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3
allows local users to create or overwrite arbitrary files via a symlink
attack on a /var/tmp/rltrace.[PID] file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2524

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
meta/recipes-core/readline/readline-6.3/readline63-003 [new file with mode: 0644]
meta/recipes-core/readline/readline_6.3.bb
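
The class of bug named in the commit message (a predictable `rltrace.[PID]` name opened through a symlink) is shown below as an added example. It is not the contents of readline63-003 and not readline's code; `open_trace_naive`, `open_trace_excl` and `demo` are hypothetical names, and the scenario is constructed inside a private `mkdtemp()` directory.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern: fopen("w") on a predictable name follows a symlink that
 * already sits at that path and creates or truncates its target. */
static int open_trace_naive(const char *path)
{
    FILE *fp = fopen(path, "w");
    if (!fp) return -1;
    fclose(fp);
    return 0;
}

/* Hardened pattern (assumed helper, not readline's API): O_CREAT|O_EXCL makes
 * open() fail if anything, including a symlink, already exists at path;
 * mode 0600 keeps the new file private to its owner. */
int open_trace_excl(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario: a symlink at the trace path points at "victim".
 * Returns a bitmask: bit 1 (value 2) = exclusive open refused and victim was
 * not created; bit 0 (value 1) = naive open created victim via the link. */
int demo(void)
{
    char dir[] = "/tmp/rltrace-demo-XXXXXX";
    char trace[128], victim[128];
    struct stat st;
    int result = 0, fd;

    if (!mkdtemp(dir)) return -1;
    snprintf(trace, sizeof trace, "%s/rltrace.%ld", dir, (long)getpid());
    snprintf(victim, sizeof victim, "%s/victim", dir);
    if (symlink(victim, trace) != 0) return -1;

    fd = open_trace_excl(trace);
    if (fd == -1 && stat(victim, &st) != 0) result |= 2;
    if (fd != -1) close(fd);
    if (open_trace_naive(trace) == 0 && stat(victim, &st) == 0) result |= 1;

    unlink(trace); unlink(victim); rmdir(dir);
    return result;
}

int main(void) { printf("demo() = %d\n", demo()); return 0; }
```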