xinetd: CVE-2013-4342 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Li Wang <li.wang@windriver.com>	2013-12-05 17:52:17 -0600
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2013-12-10 11:36:24 +0000
commit	c6ccb09cee54a7b9d953f58fbb8849fd7d7de6a9 (patch)
tree	f6575e66a0d917a10c55245ef008f0cdf265a0ae /meta/recipes-bsp/acpid
parent	47388363f69bfbf5ed1816a9367627182ee10e88 (diff)
download	openembedded-core-contrib-c6ccb09cee54a7b9d953f58fbb8849fd7d7de6a9.tar.gz

xinetd: CVE-2013-4342

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342 the patch come from: https://bugzilla.redhat.com/attachment.cgi?id=799732&action=diff Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-bsp/acpid')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: