]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 31fc180) | patch
screen: fix CVE-2025-46802
authorDivya Chellam <divya.chellam@windriver.com>
Thu, 5 Jun 2025 11:00:59 +0000 (16:30 +0530)
committerSteve Sakoman <steve@sakoman.com>
Thu, 5 Jun 2025 16:11:42 +0000 (09:11 -0700)
commitb17e091eb4681b69c5a050d3fa0f9289f524e205
tree04196e1b1042bfb0890ce30275a14e609c4eca10tree | snapshot
parent31fc180f606c5bb141c9c6dd85a7b1d876e1d692commit | diff
screen: fix CVE-2025-46802

For a short time they PTY is set to mode 666, allowing any user on the
system to connect to the screen session.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-46802

Upstream-patch:
https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=049b26b22e197ba3be9c46e5c193032e01a4724a

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-extended/screen/screen/CVE-2025-46802.patch [new file with mode: 0644] blob
meta/recipes-extended/screen/screen_4.9.1.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib