Skip to content
This repository has been archived by the owner. It is now read-only.

pam-systemd: use secure_getenv() rather than getenv() #118

Merged
merged 1 commit into from Aug 8, 2019

Conversation

@bgilbert
Copy link
Member

@bgilbert bgilbert commented Aug 8, 2019

Fixes CVE-2019-3842.

And explain why in a comment.

(cherry picked from commit 83d4ab5)
arithx
arithx approved these changes Aug 8, 2019
Copy link

@arithx arithx left a comment

LGTM

Loading

@bgilbert bgilbert merged commit 7495802 into coreos:v241-coreos Aug 8, 2019
@bgilbert bgilbert deleted the v241-coreos branch Aug 8, 2019
dongsupark added a commit to flatcar-linux/coreos-overlay that referenced this issue Aug 8, 2019
Apply the patch "pam-systemd: use secure_getenv() rather than getenv()"
kinvolk-archives/systemd-legacy@7495802,
to the v241-flatcar branch of `flatcar-linux/systemd`, and update
`CROS_WORKON_COMMIT` to the latest commit of v241-flatcar branch.

Fixes CVE-2019-3842.
See also coreos/systemd#118
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
3 participants