[OE-core] [morty][PATCH v2 1/2] glibc: Fix CVE-2015-5180
George McCollister
george.mccollister at gmail.com
Thu Nov 16 22:46:10 UTC 2017
On Thu, Nov 16, 2017 at 12:45 PM, akuster808 <akuster808 at gmail.com> wrote:
>
>
> On 11/15/2017 12:36 PM, George McCollister wrote:
>> Add backported patch to fix CVE-2015-5180 from the upstream
>> release/2.24/master branch.
>>
>> Signed-off-by: George McCollister <george.mccollister at gmail.com>
>
> Thanks for this series. I will have to wait until I address this in Pyro.
CVE-2015-5180 should not be an issue in glibc 2.25.
The CVE-2017-1000366 commits backported to glibc 2.25 are here:
https://sourceware.org/git/?p=glibc.git;a=commit;h=3c7cd21290cabdadd72984fb69bc51e64ff1002d
https://sourceware.org/git/?p=glibc.git;a=commit;h=46703a3995aa3ca2b816814aa4ad05ed524194dd
https://sourceware.org/git/?p=glibc.git;a=commit;h=c69d4a0f680a24fdbe323764a50382ad324041e9
Would it help if I sent Pyro patches for these?
>
> - armin
More information about the Openembedded-core
mailing list