]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b4074e0) | patch
screen: fix CVE-2025-46804
authorDivya Chellam <divya.chellam@windriver.com>
Mon, 9 Jun 2025 10:10:27 +0000 (15:40 +0530)
committerSteve Sakoman <steve@sakoman.com>
Mon, 9 Jun 2025 15:44:59 +0000 (08:44 -0700)
commitfa14b05383a322f5fe751c81e8c6f1a8a1df8c9e
tree1a0ef09b2e8d85570e642999176a00ab44201c6etree
parentb4074e06ff0531481dbb3788a5c1bf9e013b6239commit | diff
screen: fix CVE-2025-46804

A minor information leak when running Screen with setuid-root
privileges allosw unprivileged users to deduce information
about a path that would otherwise not be available.

Affected are older Screen versions, as well as version 5.0.0.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-46804

Upstream-patch:
https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=e0eef5aac453fa98a2664416a56c50ad1d00cb30

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-extended/screen/screen/CVE-2025-46804.patch [new file with mode: 0644] blob
meta/recipes-extended/screen/screen_4.9.0.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib