bash: CVE-2016-0634 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Zhixiong Chi <zhixiong.chi@windriver.com>	2017-04-20 15:04:54 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-05-12 08:51:09 +0100
commit	9ef73fbeba5dd95e1cf4c5afebe98a2d76a8df2e (patch)
tree	dc05011f2219ad8e675e756be7633529b6409cc8 /scripts/lib/devtool/sdk.py
parent	68002417e487896fcb745747aa7b34ec88cb1c86 (diff)
download	poky-9ef73fbeba5dd95e1cf4c5afebe98a2d76a8df2e.tar.gz

bash: CVE-2016-0634

A vulnerability was found in a way bash expands the $HOSTNAME. Injecting the hostname with malicious code would cause it to run each time bash expanded \h in the prompt string. Porting patch from <https://ftp.gnu.org/gnu/bash/bash-4.3-patches/ bash43-047> to solve CVE-2016-0634 CVE: CVE-2016-0634 (From OE-Core rev: 7dd6aa1a4bf6e9fc8a1998cda6ac5397bb5cd5cb) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/devtool/sdk.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: