Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

pam-systemd: use secure_getenv() rather than getenv() #118

Merged
merged 1 commit into from Aug 8, 2019

Conversation

@bgilbert
Copy link
Member

commented Aug 8, 2019

Fixes CVE-2019-3842.

pam-systemd: use secure_getenv() rather than getenv()
And explain why in a comment.

(cherry picked from commit 83d4ab5)
@arithx
arithx approved these changes Aug 8, 2019
Copy link

left a comment

LGTM

@bgilbert bgilbert merged commit 7495802 into coreos:v241-coreos Aug 8, 2019

@bgilbert bgilbert deleted the bgilbert:v241-coreos branch Aug 8, 2019

dongsupark added a commit to flatcar-linux/coreos-overlay that referenced this pull request Aug 8, 2019
sys-apps/systemd: use secure_getenv rather than getenv
Apply the patch "pam-systemd: use secure_getenv() rather than getenv()"
flatcar-linux/systemd@7495802,
to the v241-flatcar branch of `flatcar-linux/systemd`, and update
`CROS_WORKON_COMMIT` to the latest commit of v241-flatcar branch.

Fixes CVE-2019-3842.
See also coreos/systemd#118
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.