StarlingX

  1. Bug #1902995
  2. Comment #8

Comment 8 for bug 1902995

Revision history for this message
Michel Thebeau [WIND] (mthebeau) wrote :

Reviewed: https://review.opendev.org/c/starlingx/tools/+/761688/
Committed: https://opendev.org/starlingx/tools/commit/5da494a63175c6c871967d386803a90b71eb00cd
Submitter: Zuul
Branch: master

commit 5da494a63175c6c871967d386803a90b71eb00cd
Author: Michel Thebeau <email address hidden>
Date: Mon Nov 2 16:03:54 2020 -0500

    glib2: CVE-2019-12450: fix file_copy_fallback

    Fix file_copy_fallback does not restrict file permissions.

    Fix is provided by Centos RPMs:
    glib2-2.56.1-7.el7.x86_64.rpm
    glib2-devel-2.56.1-7.el7.x86_64.rpm
    glib2-doc-2.56.1-7.el7.noarch.rpm

    Test:
    Build. Deploy AIO-SX. Run reproducer.

    Closes-Bug: 1902995
    Change-Id: Ie1545c462f27b38737071a1e211164a8e0b3a0d0
    Signed-off-by: Michel Thebeau <email address hidden>