On Thu, Nov 16, 2017 at 12:45 PM, akuster808 <akuster...@gmail.com> wrote: > > > On 11/15/2017 12:36 PM, George McCollister wrote: >> Add backported patch to fix CVE-2015-5180 from the upstream >> release/2.24/master branch. >> >> Signed-off-by: George McCollister <george.mccollis...@gmail.com> > > Thanks for this series. I will have to wait until I address this in Pyro.
CVE-2015-5180 should not be an issue in glibc 2.25. The CVE-2017-1000366 commits backported to glibc 2.25 are here: https://sourceware.org/git/?p=glibc.git;a=commit;h=3c7cd21290cabdadd72984fb69bc51e64ff1002d https://sourceware.org/git/?p=glibc.git;a=commit;h=46703a3995aa3ca2b816814aa4ad05ed524194dd https://sourceware.org/git/?p=glibc.git;a=commit;h=c69d4a0f680a24fdbe323764a50382ad324041e9 Would it help if I sent Pyro patches for these? > > - armin -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
