mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-25 06:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
645d114f7213a6dfac5bcf30d98c9e80a47199c0
poky/meta
History
Changqing Li 645d114f72 sudo: fix CVE-2019-14287 
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer
account can bypass certain policy blacklists and session PAM modules,
and can cause incorrect logging, by invoking sudo with a crafted user
ID. For example, this allows bypass of !root configuration, and USER=
logging, for a "sudo -u \#$((0xffffffff))" command.

(From OE-Core rev: b7b6d39565f8fad61f2347a3fe31c9ee77a4da15)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4e11cd561f2bdaa6807cf02ee7c9870881826308)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-10-29 09:08:18 +00:00
..
classes
icecc: Export ICECC_CC and friends via wrapper-script
2019-10-29 09:08:18 +00:00
conf
layer.conf: Update for zeus series
2019-10-08 20:47:34 +01:00
files
common-licenses: update BSD-2-CLAUSE license text
2019-08-30 17:10:28 +01:00
lib
oeqa/selftest/imagefeatures: improve test_hypervisor_fmts
2019-10-09 14:07:43 +01:00
recipes-bsp
u-boot: add CVE patches for u-boot
2019-09-27 13:02:16 +01:00
recipes-connectivity
openssl: make OPENSSL_ENGINES match install path
2019-10-29 09:08:18 +00:00
recipes-core
dbus: update dbus-1.init to reflect new PID file
2019-10-29 09:08:18 +00:00
recipes-devtools
python: Fix CVE-2019-10160
2019-10-29 09:08:18 +00:00
recipes-extended
sudo: fix CVE-2019-14287
2019-10-29 09:08:18 +00:00
recipes-gnome
gdk-pixbuf: upgrade 2.38.1 -> 2.38.2
2019-09-19 10:54:32 +01:00
recipes-graphics
libsdl2: fix CVE-2019-13616
2019-10-29 09:08:17 +00:00
recipes-kernel
linux-yocto/5.2: fix strace/ptrace long runtime issues
2019-10-09 14:07:43 +01:00
recipes-multimedia
tiff: fix CVE-2019-14973
2019-10-02 10:09:47 +01:00
recipes-rt
world-broken.inc: Remove
2019-08-28 11:31:21 +01:00
recipes-sato
core-image-sato: don't use 512MB in qemumips
2019-09-06 08:15:45 +01:00
recipes-support
libgcrypt: fix CVE-2019-12904
2019-10-29 09:08:18 +00:00
site
siteinfo: Define data for ARC
2018-09-21 18:45:47 -07:00
COPYING.MIT
recipes.txt
Remove LSB support
2019-08-29 14:05:12 +01:00