diff options
author | Ovidiu Panait <ovidiu.panait@windriver.com> | 2017-11-10 17:46:10 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-11-21 13:06:12 +0000 |
commit | 3bd6d1831b1b021a5d788dc7b59def57bd965407 (patch) | |
tree | 2ca0d30b700fb337dfc662103472b582d1b19ac3 /meta/classes/uboot-sign.bbclass | |
parent | e75d9c336442cf1108437fbae3ddc43946fbabb0 (diff) | |
download | poky-3bd6d1831b1b021a5d788dc7b59def57bd965407.tar.gz |
icu: CVE-2017-14952
Double free in i18n/zonemeta.cpp in International Components for Unicode
(ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary
code via a crafted string, aka a "redundant UVector entry clean up
function call" issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-14952
Upstream patches:
http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp
(From OE-Core rev: 4ff12a8bf2b8d094085afbe8fa1d43f781cfa79d)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes/uboot-sign.bbclass')
0 files changed, 0 insertions, 0 deletions