diff options
| author | Yi Zhao <yi.zhao@windriver.com> | 2020-08-31 11:26:05 +0800 |
|---|---|---|
| committer | Jia Zhang <zhang.jia@linux.alibaba.com> | 2020-09-01 09:12:59 +0800 |
| commit | 7ee985e53fcb8d055ed411db28fa3b514426bdc7 (patch) | |
| tree | 42d393d74b2458ba6e38b7f37320e32e581ce927 | |
| parent | 960cffb1074da83acdbbd9df53260a6311a18829 (diff) | |
| download | meta-secure-core-7ee985e53fcb8d055ed411db28fa3b514426bdc7.tar.gz | |
trousers: update to latest git rev
Security fixes:
CVE-2020-24332
If the tcsd daemon is started with root privileges,
the creation of the system.data file is prone to symlink attacks
CVE-2020-24330
If the tcsd daemon is started with root privileges,
it fails to drop the root gid after it is no longer needed
CVE-2020-24331
If the tcsd daemon is started with root privileges,
the tss user has read and write access to the /etc/tcsd.conf file
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
| -rw-r--r-- | meta-tpm/recipes-tpm/trousers/trousers_git.bb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-tpm/recipes-tpm/trousers/trousers_git.bb b/meta-tpm/recipes-tpm/trousers/trousers_git.bb index 967b25e..f899f5e 100644 --- a/meta-tpm/recipes-tpm/trousers/trousers_git.bb +++ b/meta-tpm/recipes-tpm/trousers/trousers_git.bb | |||
| @@ -29,7 +29,7 @@ SRC_URI = "\ | |||
| 29 | file://tcsd.service \ | 29 | file://tcsd.service \ |
| 30 | file://tcsd.conf \ | 30 | file://tcsd.conf \ |
| 31 | " | 31 | " |
| 32 | SRCREV = "de57f069ef2297d6a6b3a0353e217a5a2f66e444" | 32 | SRCREV = "e74dd1d96753b0538192143adf58d04fcd3b242b" |
| 33 | 33 | ||
| 34 | S = "${WORKDIR}/git" | 34 | S = "${WORKDIR}/git" |
| 35 | 35 | ||