projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d5e3e11) | patch
package/xinetd: add upstream security fix for CVE-2013-4342
authorPeter Korsgaard <peter@korsgaard.com>
Sun, 22 Nov 2020 15:30:38 +0000 (16:30 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Mon, 23 Nov 2020 21:36:52 +0000 (22:36 +0100)
commitd5abf5ff6188593dfc701decf8d33d38a924b45b
treeec645b33d71c673d3c5b13c076104fabf2e6eb6ftree
parentd5e3e1144e2b1795ab9ca4deb9e25f6f98456232commit | diff
package/xinetd: add upstream security fix for CVE-2013-4342

xinetd does not enforce the user and group configuration directives for
TCPMUX services, which causes these services to be run as root and makes it
easier for remote attackers to gain privileges by leveraging another
vulnerability in a service.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/xinetd/0005-CVE-2013-4342-xinetd-ignores-user-and-group-directiv.patch [new file with mode: 0644] blob
package/xinetd/xinetd.mk diff | blob | history