gzip: fix CVE-2022-1271 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Ralph Siemsen <ralph.siemsen@linaro.org>	2022-04-08 22:17:23 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-04-21 21:26:01 +0100
commit	170ce893e750630a9180ac0ae087b8105418db05 (patch)
tree	220e348ac27339aa5cdae6e786eb715a1269248c /scripts/lib/devtool/runqemu.py
parent	08a3ac8403fa95fe1bccd052933fce1f9fc1a899 (diff)
download	poky-170ce893e750630a9180ac0ae087b8105418db05.tar.gz

gzip: fix CVE-2022-1271

zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file. Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=dc9740df61e575e8c3148b7bd3c147a81ea00c7c] CVE: CVE-2022-1271 (From OE-Core rev: b7f0696bc60409af215549d26621526c1a93a002) Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/devtool/runqemu.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: