]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 0542779) | patch
perl: CVE-2018-12015
authorJagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Wed, 22 Aug 2018 11:41:52 +0000 (17:11 +0530)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 29 Aug 2018 14:22:28 +0000 (15:22 +0100)
commitca005cd857f8e79b135c43526d5b792478a07eb3
treee73602b77e5de35e0499dd494da9893a825cdb12tree | snapshot
parent0542779d2f1a8977a732800a8998fd88971c0c1dcommit | diff
perl: CVE-2018-12015

Remove existing files before overwriting them

Archive should extract only the latest same-named entry.
Extracted regular file should not be writtent into existing block
device (or any other one).

https://rt.cpan.org/Ticket/Display.html?id=125523

Affects perl <= 5.26.2

Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-devtools/perl/perl/CVE-2018-12015.patch [new file with mode: 0644] blob
meta/recipes-devtools/perl/perl_5.24.1.bb diff | blob | history
Mirror of the official openembedded-core repository