]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b30a737) | patch
glibc: CVE-2015-8777
authorArmin Kuster <akuster@mvista.com>
Sun, 28 Feb 2016 18:53:32 +0000 (10:53 -0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 21 Mar 2016 15:48:21 +0000 (15:48 +0000)
commitbb6ce1334bfb3711428b4b82bca4c0d5339ee2f8
tree7be69b817f754b6bfa8c0add1426c7053f8e8e69tree | snapshot
parentb30a7375f09158575d63367600190a5e3a00b9fccommit | diff
glibc: CVE-2015-8777

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or
libc6) before 2.23 allows local users to bypass a pointer-guarding protection
mechanism via a zero value of the LD_POINTER_GUARD environment variable.

(From OE-Core rev: 22570ba08d7c6157aec58764c73b1134405b0252)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/glibc/glibc/CVE-2015-8777.patch [new file with mode: 0644] blob
meta/recipes-core/glibc/glibc_2.20.bb diff | blob | history
Mirror of the official openembedded-core repository