mirrors/meta-secure-core
1
0
Fork 0
mirror of https://github.com/jiazhang0/meta-secure-core.git synced 2026-04-20 09:58:31 +00:00
Code Issues Projects Releases Wiki Activity

trousers: update to latest git rev

Browse Source 
Security fixes:

CVE-2020-24332
If the tcsd daemon is started with root privileges,
the creation of the system.data file is prone to symlink attacks

CVE-2020-24330
If the tcsd daemon is started with root privileges,
it fails to drop the root gid after it is no longer needed

CVE-2020-24331
If the tcsd daemon is started with root privileges,
the tss user has read and write access to the /etc/tcsd.conf file

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
This commit is contained in:
Yi Zhao
2020-08-31 11:26:05 +08:00
committed by Jia Zhang
parent 960cffb107
commit 7ee985e53f
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
meta-tpm/recipes-tpm/trousers/trousers_git.bb
View File

@@ -29,7 +29,7 @@ SRC_URI = "\
file://tcsd.service \
file://tcsd.conf \
"
SRCREV = "de57f069ef2297d6a6b3a0353e217a5a2f66e444"
SRCREV = "e74dd1d96753b0538192143adf58d04fcd3b242b"
S = "${WORKDIR}/git"