mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-13 04:03:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f4c5d9a3a6ee2d974e55aec4b1602a368dbacf72
poky/meta/recipes-devtools/dmidecode
History
Yogita Urade f4c5d9a3a6 dmidecode: fix CVE-2023-30630 
Dmidecode before 3.5 allows -dump-bin to overwrite a local file.
This has security relevance because, for example, execution of
Dmidecode via Sudo is plausible.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-30630
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00016.html
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00017.html

Backport: fixes fuzz in the CVE-2023-30630_2.patch in kirkstone

(From OE-Core rev: 4f83427a0a01e8285c9eb42d2a635d1ff7b23779)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit f92e59a0894145a828dc9ac74bf8c7a9355e0587)
Signed-off-by: Dhairya Nagodra <dnagodra@cisco.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-08-02 04:47:13 -10:00
..
dmidecode
dmidecode: fix CVE-2023-30630
2023-08-02 04:47:13 -10:00
dmidecode_3.3.bb
dmidecode: fix CVE-2023-30630
2023-08-02 04:47:13 -10:00