[PATCH] Initialize nss libraries in Glibc so that the dynamic libraries are loaded in the host environment not in the chroot from untrusted files.
See also OpenVZ https://github.com/kolyshkin/vzctl/blob/
a3f732ef751998913fcf0a11b3e05236b51fd7e9/src/enter.c#L227-L234
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit
a316b10dab79d9298b02c7930958ed52e0ccf4e4)
Gbp-Pq: Name cve-2019-14271-Initialize-nss-libraries-in-Glibc.patch
projects / docker.io.git / commit