]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b26feaf) | patch
tar: CVE-2016-6321
authorSona Sarmadi <sona.sarmadi@enea.com>
Fri, 24 Feb 2017 12:49:18 +0000 (13:49 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 1 Mar 2017 12:54:23 +0000 (12:54 +0000)
commitcfa2b5facd1aa6a2bac4cb04687e1a977c533934
tree7c117a743faae51ac5aa0255fe4820284047b175tree | snapshot
parentb26feaf51af55f17fad79dbd53dd3ec0a37c38ffcommit | diff
tar: CVE-2016-6321

Skip members whose names contain "..".

Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6321

Upstream patch:
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f671

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-extended/tar/tar/CVE-2016-6321.patch [new file with mode: 0644] blob
meta/recipes-extended/tar/tar_1.29.bb diff | blob | history
Mirror of the official openembedded-core repository