projects / docker.io.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b2bc00e) | patch
Initialize nss libraries in Glibc so that the dynamic libraries are loaded in the...
authorJustin Cormack <justin.cormack@docker.com>
Thu, 25 Jul 2019 14:24:39 +0000 (15:24 +0100)
committerArnaud Rebillout <arnaud.rebillout@collabora.com>
Wed, 4 Sep 2019 07:54:29 +0000 (08:54 +0100)
commitd9776ca494d8ef29c6e7e717414bb0e574304f9a
tree2d7b34e746bea4dfe34d698659df726e568ffa38tree | snapshot
parentb2bc00eac9004f057db64c3546c234c963d65eebcommit | diff
Initialize nss libraries in Glibc so that the dynamic libraries are loaded in the host environment not in the chroot from untrusted files.

See also OpenVZ https://github.com/kolyshkin/vzctl/blob/a3f732ef751998913fcf0a11b3e05236b51fd7e9/src/enter.c#L227-L234

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit a316b10dab79d9298b02c7930958ed52e0ccf4e4)

Gbp-Pq: Name cve-2019-14271-Initialize-nss-libraries-in-Glibc.patch
engine/pkg/chrootarchive/archive.go diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.