Skip to content
Commit 82a11429 authored by Michael Biebl's avatar Michael Biebl
Browse files

core: when deserializing state always use read_line(…, LONG_LINE_MAX, …) 

Fixes improper serialization on upgrade which can influence systemd
execution environment and lead to root privilege escalation.

CVE-2018-15686
Closes: #912005
parent 2cae426a
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment