]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 0bb2212) | patch
rpm: fix CVE-2021-3421
authorMinjae Kim <flowergom@gmail.com>
Thu, 24 Jun 2021 13:29:04 +0000 (22:29 +0900)
committerSteve Sakoman <steve@sakoman.com>
Tue, 29 Jun 2021 14:15:00 +0000 (04:15 -1000)
commiteb1183cac91a9948ac47acc56454b8841764ba72
tree437719c2f310d2025bff1ce9244fc00467262095tree | snapshot
parent0bb221206c55564fd5cfe1d2452a6abe5e86d2c3commit | diff
rpm: fix CVE-2021-3421

unsigned signature header leads to string injection into an rpm database

reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-3421
https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/rpm/files/CVE-2021-3421.patch [new file with mode: 0644] blob
meta/recipes-devtools/rpm/rpm_4.14.2.1.bb diff | blob | history
Mirror of the official openembedded-core repository