diff options
| author |   Yue Tao <Yue.Tao@windriver.com> | 2014-04-14 12:41:17 +0800 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-05-29 13:42:10 +0100 |
| commit | f61238b9431e6470d7e76f8c37c51cebe069514a (patch) | |
| tree | d6cbe32bb082a3b602bce9cfd8b4fd2d46576b9f /meta/recipes-extended/screen/screen_4.0.3.bb | |
| parent | 6a8a9903de24cc7e1f27b1f7202bd4157719327c (diff) | |
| download | openembedded-core-contrib-f61238b9431e6470d7e76f8c37c51cebe069514a.tar.gz | |
Screen: fix for Security Advisory CVE-2009-1214
GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with
world-readable permissions, which might allow local users to obtain
sensitive session information.
(From OE-Core rev: 25a212d0154906e7a05075d015dbc1cfdfabb73a)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-extended/screen/screen_4.0.3.bb
Diffstat (limited to 'meta/recipes-extended/screen/screen_4.0.3.bb')
| -rw-r--r-- | meta/recipes-extended/screen/screen_4.0.3.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-extended/screen/screen_4.0.3.bb b/meta/recipes-extended/screen/screen_4.0.3.bb index d83dda03c2..81790987fa 100644 --- a/meta/recipes-extended/screen/screen_4.0.3.bb +++ b/meta/recipes-extended/screen/screen_4.0.3.bb @@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz;name=tarball \ ${DEBIAN_MIRROR}/main/s/screen/screen_4.0.3-14.diff.gz;name=patch \ file://configure.patch \ file://fix-parallel-make.patch \ + file://screen-4.0.3-CVE-2009-1214.patch \ ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}" PAM_SRC_URI = "file://screen.pam" |