diff options
author | Zhixiong Chi <zhixiong.chi@windriver.com> | 2017-04-20 15:04:54 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-08-29 15:11:37 +0100 |
commit | a75c9657f785be3b2d14b10a7044105329c88e8a (patch) | |
tree | c69d15618dcc651983777a9a94fa297cd6ef4a75 /meta/conf | |
parent | 25b87ebfce7216b18e85b6bc5fc7f20bcf4cf31d (diff) | |
download | openembedded-core-contrib-a75c9657f785be3b2d14b10a7044105329c88e8a.tar.gz |
bash: CVE-2016-0634
A vulnerability was found in a way bash expands the $HOSTNAME.
Injecting the hostname with malicious code would cause it to run
each time bash expanded \h in the prompt string.
Porting patch from <https://ftp.gnu.org/gnu/bash/bash-4.3-patches/
bash43-047> to solve CVE-2016-0634
CVE: CVE-2016-0634
(From OE-Core rev: 7dd6aa1a4bf6e9fc8a1998cda6ac5397bb5cd5cb)
(From OE-Core rev: a4b37b05140b549960baef49237ce3316e84a041)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/conf')
0 files changed, 0 insertions, 0 deletions