[yocto-security] CVE-2015-7547: getaddrinfo() stack-based buffer overflow
Paul Eggleton
paul.eggleton at linux.intel.com
Wed Feb 17 03:05:54 PST 2016
Hi folks,
This looks like a bit of a nasty one:
https://googleonlinesecurity.blogspot.co.nz/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
The patch from upstream:
https://sourceware.org/git/?p=glibc.git;a=commit;h=e9db92d3acfe1822d56d11abcea5bfc4c41cf6ca
Any volunteers to take care of this for master / stable branches?
Cheers,
Paul
--
Paul Eggleton
Intel Open Source Technology Centre
More information about the yocto-security
mailing list