curl: Security Advisory - curl - CVE-2014-3613 - linux/poky.git

diff options

author	Chong Lu <Chong.Lu@windriver.com>	2014-10-24 16:26:41 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-11-05 23:27:45 +0000
commit	6c9eb8a67acecc0869e6a9cd6cc040ce34af2673 (patch)
tree	fa54f3cbd4e1dfd0224467b58d6250fe07268c39 /meta-skeleton/recipes-kernel
parent	b8e521809bd1f6d051e3886bd32c1263acda72d2 (diff)
download	poky-6c9eb8a67acecc0869e6a9cd6cc040ce34af2673.tar.gz

curl: Security Advisory - curl - CVE-2014-3613

By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others. (From OE-Core rev: 985ef933208da1dd1f17645613ce08e6ad27e2c1) (From OE-Core rev: dbbda31ca0a29c930f3078635ae7c5a41d933b58) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-support/curl/curl_7.35.0.bb

Diffstat (limited to 'meta-skeleton/recipes-kernel')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: