readline: Security Advisory - readline - CVE-2014-2524 - linux/poky.git

diff options

author	Kai Kang <kai.kang@windriver.com>	2014-10-15 13:56:24 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-10-18 16:14:04 +0200
commit	bacc6575a933b5df4ca8fcb90a5ce2326013c7a3 (patch)
tree	52a4afe1167b87dda66562c90f519806574e125a /documentation/kernel-dev/figures
parent	7a9f5c9120d9330fae5f432630de120be11c28d9 (diff)
download	poky-bacc6575a933b5df4ca8fcb90a5ce2326013c7a3.tar.gz

readline: Security Advisory - readline - CVE-2014-2524

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2524 (From OE-Core rev: 0e95eef8817f51504dcc50d855dcbef172cfc897) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'documentation/kernel-dev/figures')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: