review.tizen.org Git - scm/bb/tizen-distro.git/commit

author	Li Wang <li.wang@windriver.com>
	Thu, 5 Dec 2013 23:52:17 +0000 (17:52 -0600)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Tue, 10 Dec 2013 17:42:45 +0000 (17:42 +0000)
commit	3149dbd216be9d35bf58e93df0e20f6c369b0ddb
tree	84cbc50032fcdee3069b0c52c3a7438fd7e211f7	tree \| snapshot
parent	528462b7f17e17db59e61dc21445311e53677f18	commit \| diff

xinetd: CVE-2013-4342

xinetd does not enforce the user and group configuration directives
for TCPMUX services, which causes these services to be run as root
and makes it easier for remote attackers to gain privileges by
leveraging another vulnerability in a service.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342

the patch come from:
https://bugzilla.redhat.com/attachment.cgi?id=799732&action=diff

(From OE-Core rev: c6ccb09cee54a7b9d953f58fbb8849fd7d7de6a9)

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-extended/xinetd/xinetd/xinetd-CVE-2013-4342.patch	[new file with mode: 0644]	blob
meta/recipes-extended/xinetd/xinetd_2.3.15.bb		diff \| blob \| history