diff options
author | Maxin B. John <maxin.john@enea.com> | 2014-04-07 17:48:11 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-04-09 09:53:14 +0100 |
commit | e34ad1e27b7db3237ae0435864cced32133d7025 (patch) | |
tree | ebd140fed44797b530c929caee7060ccece2106a /meta/recipes-bsp/eee-acpi-scripts | |
parent | 398a971f92bfe67ab3dad6420a4adf29ace66a55 (diff) | |
download | poky-e34ad1e27b7db3237ae0435864cced32133d7025.tar.gz |
python: Fix CVE-2014-1912
A remote user can send specially crafted data to trigger a buffer overflow
in socket.recvfrom_into() and execute arbitrary code on the target system.
The code will run with the privileges of the target service.
This back-ported patch fixes CVE-2014-1912
(From OE-Core rev: 344049ccfa59ae489c35fe0fb7592f7d34720b51)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-bsp/eee-acpi-scripts')
0 files changed, 0 insertions, 0 deletions