]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b17e091) | patch
screen: fix CVE-2025-46804
authorDivya Chellam <divya.chellam@windriver.com>
Thu, 5 Jun 2025 11:01:00 +0000 (16:31 +0530)
committerSteve Sakoman <steve@sakoman.com>
Thu, 5 Jun 2025 16:11:42 +0000 (09:11 -0700)
commita313af8ca347797214669406ee86f5239997f7e3
treef38c2e829ff80d11107e51c5b60b37faa5ccddaatree | snapshot
parentb17e091eb4681b69c5a050d3fa0f9289f524e205commit | diff
screen: fix CVE-2025-46804

A minor information leak when running Screen with setuid-root
privileges allosw unprivileged users to deduce information
about a path that would otherwise not be available.

Affected are older Screen versions, as well as version 5.0.0.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-46804

Upstream-patch:
https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=e0eef5aac453fa98a2664416a56c50ad1d00cb30

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-extended/screen/screen/CVE-2025-46804.patch [new file with mode: 0644] blob
meta/recipes-extended/screen/screen_4.9.1.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib