]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: dff01b8) | patch
rpcbind: Fix CVE-2017-8779
authorFan Xin <fan.xin@jp.fujitsu.com>
Wed, 24 May 2017 08:10:52 +0000 (17:10 +0900)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 25 May 2017 22:57:01 +0000 (23:57 +0100)
commit7936c9451eb4c376a78a0ac7461d1b2430c7f1f3
treec0ca728928d25f451a7b3f928fc67c1c685394a7tree | snapshot
parentdff01b827c87ae135a1d5511b1efbdad01c0eaeecommit | diff
rpcbind: Fix CVE-2017-8779

This vulnerability is also called "rpcbomb".
Backport upstream patch to fix this vulnerability.

CVE: CVE-2017-8779

Signed-off-by: Fan Xin<fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-extended/rpcbind/rpcbind/0001-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch [new file with mode: 0644] blob
meta/recipes-extended/rpcbind/rpcbind_0.2.4.bb diff | blob | history
Mirror of the official openembedded-core repository