projects / docker.io.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a6b8761) | patch
Initialize nss libraries in Glibc so that the dynamic libraries are loaded in the...
authorJustin Cormack <justin.cormack@docker.com>
Thu, 25 Jul 2019 14:24:39 +0000 (15:24 +0100)
committerFelix Geyer <fgeyer@debian.org>
Tue, 3 Sep 2019 17:59:35 +0000 (18:59 +0100)
commitd85d16c2a1633b95b710ee84e2bf3b0c14cd8434
treed5263eed19633583b3bebdb8b06094edd28f3dd9tree | snapshot
parenta6b8761f2c4539797718609e3374b229e1fd4764commit | diff
Initialize nss libraries in Glibc so that the dynamic libraries are loaded in the host environment not in the chroot from untrusted files.

See also OpenVZ https://github.com/kolyshkin/vzctl/blob/a3f732ef751998913fcf0a11b3e05236b51fd7e9/src/enter.c#L227-L234

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit a316b10dab79d9298b02c7930958ed52e0ccf4e4)

Gbp-Pq: Name cve-2019-14271-Initialize-nss-libraries-in-Glibc.patch
engine/pkg/chrootarchive/archive.go diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.