summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/avahi/files
diff options
context:
space:
mode:
authoryanjun.zhu <yanjun.zhu@windriver.com>2012-12-11 18:00:32 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2013-02-14 15:19:52 +0000
commit54dd30e514412198734e8ddf56fca98f078e4fc1 (patch)
tree694276392c93e48679ee1c945dcef4c2f12a56eb /meta/recipes-connectivity/avahi/files
parent19f39c5d069a556c9b1c9af82cd9edd92772c0c5 (diff)
downloadpoky-54dd30e514412198734e8ddf56fca98f078e4fc1.tar.gz
squashfs: fix CVE-2012-4025
CQID:WIND00366813 Reference: http://squashfs.git.sourceforge.net/git/gitweb.cgi? p=squashfs/squashfs;a=patch;h=8515b3d420f502c5c0236b86e2d6d7e3b23c190e Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4025 (From OE-Core rev: 4493173c1ab7a0528e0c74935a105e474521ed1c) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> [YOCTO #3564] Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/avahi/files')
0 files changed, 0 insertions, 0 deletions