[yocto] HEADSUP - CVE 2015-023 remote code execution in glibc
Paul Eggleton
paul.eggleton at linux.intel.com
Wed Jan 28 03:29:22 PST 2015
On Wednesday 28 January 2015 11:20:27 Burton, Ross wrote:
> On 28 January 2015 at 11:17, Damian, Alexandru <alexandru.damian at intel.com>
> wrote:
> > Do we need to open a bug to track this ?
>
> Probably for the best to ensure it goes into all the branches we support.
FYI, none of the branches we still officially support use (e)glibc older than
2.18, which is where the fix went in upstream; even dora that just went out of
support has 2.18 as the default (2.17 is included though).
Cheers,
Paul
--
Paul Eggleton
Intel Open Source Technology Centre
More information about the yocto
mailing list