glibc: CVE-2015-8779

A stack overflow vulnerability in the catopen function was found, causing applications which pass long strings to the catopen function to crash or, potentially execute arbitrary code. Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
author: Armin Kuster <akuster@mvista.com> 2016-01-22 20:19:24 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-01-30 12:08:36 +0000
commit: af20e323932caba8883c91dac610e1ba2b3d4ab5 (patch)
tree: b41cbb37ef32dc18213c937b9d51653ae19113ef /meta/recipes-core/glibc/glibc_2.22.bb
parent: 22570ba08d7c6157aec58764c73b1134405b0252 (diff)
download: openembedded-core-contrib-af20e323932caba8883c91dac610e1ba2b3d4ab5.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.22.bb b/meta/recipes-core/glibc/glibc_2.22.bb
index 8348313b1d..382c992d8a 100644
--- a/meta/recipes-core/glibc/glibc_2.22.bb
+++ b/meta/recipes-core/glibc/glibc_2.22.bb
@@ -42,6 +42,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
            file://strcoll-Remove-incorrect-STRDIFF-based-optimization-.patch \
            file://0028-Clear-ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA-for-prel.patch \
            file://CVE-2015-8777.patch \
+           file://CVE-2015-8779.patch \
 "
 
 SRC_URI += "\
author	Armin Kuster <akuster@mvista.com>	2016-01-22 20:19:24 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-01-30 12:08:36 +0000
commit	af20e323932caba8883c91dac610e1ba2b3d4ab5 (patch)
tree	b41cbb37ef32dc18213c937b9d51653ae19113ef /meta/recipes-core/glibc/glibc_2.22.bb
parent	22570ba08d7c6157aec58764c73b1134405b0252 (diff)
download	openembedded-core-contrib-af20e323932caba8883c91dac610e1ba2b3d4ab5.tar.gz