]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: c5a5017) | patch
rpcbind: Fix CVE-2017-8779
authorFan Xin <fan.xin@jp.fujitsu.com>
Wed, 24 May 2017 08:10:52 +0000 (17:10 +0900)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 5 Jun 2017 22:28:27 +0000 (23:28 +0100)
commitbab6667d44df185b4433bcd1c283105966383844
treedaa3f4503d0469b692065598a4cc77078018a8cetree | snapshot
parentc5a5017ce710108c61dba0e0af72bb72a9419701commit | diff
rpcbind: Fix CVE-2017-8779

This vulnerability is also called "rpcbomb".
Backport upstream patch to fix this vulnerability.

CVE: CVE-2017-8779

(From OE-Core rev: 7936c9451eb4c376a78a0ac7461d1b2430c7f1f3)

Signed-off-by: Fan Xin<fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-extended/rpcbind/rpcbind/0001-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch [new file with mode: 0644] blob
meta/recipes-extended/rpcbind/rpcbind_0.2.4.bb diff | blob | history
Mirror of the official openembedded-core repository