]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 7494dcf) | patch
grep: fix for CVE-2012-5667
authorMing Liu <ming.liu@windriver.com>
Wed, 15 May 2013 05:56:50 +0000 (05:56 +0000)
committerPaul Eggleton <paul.eggleton@linux.intel.com>
Mon, 8 Jul 2013 09:30:18 +0000 (10:30 +0100)
commitaefb760f6bb2522e0a0fec19a6bf1a761cf3c03e
tree294d52078f44fca5416235817e476b133dd6019ftree | snapshot
parent7494dcf0c33a2bf256d9f43432113425e0f5ddbecommit | diff
grep: fix for CVE-2012-5667

Multiple integer overflows in GNU Grep before 2.11 might allow
context-dependent attackers to execute arbitrary code via vectors
involving a long input line that triggers a heap-based buffer overflow.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5667

(From OE-Core master rev: 7dd4d0178e2b057f76cd2b0b6fe8402f8c1ab23d)

Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-extended/grep/grep-2.5.1a/grep-CVE-2012-5667.patch [new file with mode: 0644] blob
meta/recipes-extended/grep/grep_2.5.1a.bb diff | blob | history
Mirror of the official openembedded-core repository