diff options
author | Sinan Kaya <okaya@kernel.org> | 2018-10-16 22:18:45 +0000 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2018-10-16 17:26:30 -0700 |
commit | bc14dcccfd7d048fbd826e571949a521d45fd86c (patch) | |
tree | 46226dc9312e3f8494a4997712bc0339327f5e6f /meta-oe/recipes-support/sharutils/sharutils_4.15.2.bb | |
parent | 256de4995c6bf42b82b07f275aa0f9adf43a1db0 (diff) | |
download | meta-openembedded-bc14dcccfd7d048fbd826e571949a521d45fd86c.tar.gz |
sharutils: CVE-2018-1000097
*CVE
Sharutils (unshar command) version 4.15.2 contains a Buffer Overflow
vulnerability in Affected component on the file unshar.c at line 75,
function looks_like_c_code. Failure to perform checking of the buffer
containing input line. that can result in Could lead to code execution.
This attack appear to be exploitable via Victim have to run unshar command
on a specially crafted file..
Affects = 4.15.2
CVE: CVE-2018-1000097
Ref: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000097.html?_ga=2.104716162.363845622.1539703460-954328166.1533363715
Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-oe/recipes-support/sharutils/sharutils_4.15.2.bb')
-rw-r--r-- | meta-oe/recipes-support/sharutils/sharutils_4.15.2.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/sharutils/sharutils_4.15.2.bb b/meta-oe/recipes-support/sharutils/sharutils_4.15.2.bb index 812fee955b..c12289b5d0 100644 --- a/meta-oe/recipes-support/sharutils/sharutils_4.15.2.bb +++ b/meta-oe/recipes-support/sharutils/sharutils_4.15.2.bb @@ -8,6 +8,7 @@ inherit gettext autotools SRC_URI = "ftp://ftp.gnu.org/gnu/${BPN}/${BP}.tar.gz \ file://0001-Fix-build-with-clang.patch \ + file://CVE-2018-1000097.patch \ " SRC_URI[md5sum] = "32a51b23e25ad5e6af4b89f228be1800" SRC_URI[sha256sum] = "ee336e68549664e7a19b117adf02edfdeac6307f22e5ba78baca457116914637" |