summaryrefslogtreecommitdiffstats
path: root/recipes-core/glibc
Commit message (Collapse)AuthorAgeFilesLines
* glibc_2.27: Fix for CVE-2018-11237sumoAdrian Mangeac2018-09-272-0/+80
| | | | | | | | Reference: https://nvd.nist.gov/vuln/detail/CVE-2018-11237 Change-Id: I703ff10f4c95d85eb183ee791d7be2a450353616 Signed-off-by: Adrian Mangeac <Adrian.Mangeac@enea.com>
* Drop CVE patches that have been fixed in upstream poky/rockoMartin Borg2018-02-284-1152/+0
| | | | Signed-off-by: Martin Borg <martin.borg@enea.com>
* glibc: CVE-2017-8804Sona Sarmadi2017-09-152-0/+226
| | | | | | | | | | | | Fixes memory leak in sunrpc when decoding malformed XDR References: https://security-tracker.debian.org/tracker/CVE-2017-8804 Upstream patch: https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* glibc:CVE-2017-12132Sona Sarmadi2017-09-112-0/+867
| | | | | | | | | | | | | The DNS stub resolver in the glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. Reference: https://security-tracker.debian.org/tracker/CVE-2017-12132 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* glibc: CVE-2017-1000366Sona Sarmadi2017-09-112-0/+59
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Reference: https://security-tracker.debian.org/tracker/CVE-2017-1000366 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-19 20:39:45 +0000