Hi Ross, On Tue, Jan 20, 2015 at 04:00:02PM +0000, Burton, Ross wrote: > > On 19 January 2015 at 13:57, Maxin B. John <maxin.j...@enea.com> wrote: > > On Wed, Jan 07, 2015 at 01:11:43PM +0100, Maxin B. John wrote: > > Fiedler Roman discovered that coreutils' parse_datetime() function > > has some flaws that may be exploitable if the date(1), touch(1), > > or potentially other programs, accept untrusted input for certain > > parameters. While researching this issue, he discovered that it > > was independently discovered by Bertrand Jacquin and reported at > > http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16872 > > > > > Was this bug still in 8.23 so it needs to be applied to master, or is it > dizzy-specific?
This bug is already fixed in 8.23. So, we don't have to apply this on master. > Ross Best Regards, Maxin -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
