projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e56f542) | patch
package/cifs-utils: security bump to version 6.11
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Sun, 20 Sep 2020 07:57:20 +0000 (09:57 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sun, 20 Sep 2020 13:06:04 +0000 (15:06 +0200)
commitce0e86b293018279416213a56db56c6cfa548402
treeda9c2c41410820c4b425160e55c5eaef797bb13atree
parente56f54220ee14ccdbfdb60bf56e2a88b35877394commit | diff
package/cifs-utils: security bump to version 6.11

Fix CVE-2020-14342: It was found that cifs-utils' mount.cifs was
invoking a shell when requesting the Samba password, which could be used
to inject arbitrary commands. An attacker able to invoke mount.cifs with
special permission, such as via sudo rules, could use this flaw to
escalate their privileges.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/cifs-utils/cifs-utils.hash diff | blob | history
package/cifs-utils/cifs-utils.mk diff | blob | history