diff options
author | Yi Zhao <yi.zhao@windriver.com> | 2021-09-26 11:16:42 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-09-26 12:04:59 +0100 |
commit | 1b857807f1cf8fee3175f8479a0c7cb1850bd9a9 (patch) | |
tree | cd4d52b6288563b0e4a983dcba0636d8949d57d6 /meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb | |
parent | af19c44c4af68568de2ddb5c11d8ad34ac600522 (diff) | |
download | openembedded-core-contrib-1b857807f1cf8fee3175f8479a0c7cb1850bd9a9.tar.gz |
inetutils: fix CVE-2021-40491
CVE-2021-40491:
The ftp client in GNU Inetutils before 2.2 does not validate addresses
returned by PASV/LSPV responses to make sure they match the server
address. This is similar to CVE-2020-8284 for curl.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-40491
Patch from:
https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=58cb043b190fd04effdaea7c9403416b436e50dd
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb')
0 files changed, 0 insertions, 0 deletions