glibc: CVE-2015-8779

A stack overflow vulnerability in the catopen function was found, causing applications which pass long strings to the catopen function to crash or, potentially execute arbitrary code. Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2016-01-22 20:19:24 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-02-18 07:37:26 +0000
commit: e0f71f123147bf4f48cc90c7f26a50164ed4115e (patch)
tree: be8517e4c9782445f1b9da5fd93f6763d6c8587d /meta/recipes-core/glibc/glibc_2.22.bb
parent: bc51411d2edda908cbef733066d78a986dfec0c0 (diff)
download: openembedded-core-contrib-e0f71f123147bf4f48cc90c7f26a50164ed4115e.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.22.bb b/meta/recipes-core/glibc/glibc_2.22.bb
index c828310586..336463a5c3 100644
--- a/meta/recipes-core/glibc/glibc_2.22.bb
+++ b/meta/recipes-core/glibc/glibc_2.22.bb
@@ -44,6 +44,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
            file://strcoll-Remove-incorrect-STRDIFF-based-optimization-.patch \
            file://0029-fix-getmntent-empty-lines.patch \
            file://CVE-2015-8777.patch \
+           file://CVE-2015-8779.patch \
 "
 
 SRC_URI += "\
author	Armin Kuster <akuster@mvista.com>	2016-01-22 20:19:24 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-02-18 07:37:26 +0000
commit	e0f71f123147bf4f48cc90c7f26a50164ed4115e (patch)
tree	be8517e4c9782445f1b9da5fd93f6763d6c8587d /meta/recipes-core/glibc/glibc_2.22.bb
parent	bc51411d2edda908cbef733066d78a986dfec0c0 (diff)
download	openembedded-core-contrib-e0f71f123147bf4f48cc90c7f26a50164ed4115e.tar.gz