diff options
author | Zhixiong Chi <zhixiong.chi@windriver.com> | 2016-09-22 15:54:20 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-09-27 09:05:56 +0100 |
commit | 45bc60015cd465b336e80cac08f16ffb37b53f3a (patch) | |
tree | adf530ad36e20e50ab39a567f31b73652f13d03d /meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-Reject-SET-commands-with-newline-characters-in-the-s.patch | |
parent | e6c1d03d3d161cbbda254a5dae7008ff7e37d874 (diff) | |
download | poky-45bc60015cd465b336e80cac08f16ffb37b53f3a.tar.gz |
wpa_supplicant: Security Advisory-CVE-2016-4476
Add CVE-2016-4476 patch for avoiding \n and \r characters in passphrase
parameters, which allows remote attackers to cause a denial of service
(daemon outage) via a crafted WPS operation.
Patches came from http://w1.fi/security/2016-1/
(From OE-Core rev: ed610b68f7e19644c89d7131e34c990a02403c62)
(From OE-Core rev: 6ef620c717c43a29f51ccd298c84070552bdfe52)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-Reject-SET-commands-with-newline-characters-in-the-s.patch')
0 files changed, 0 insertions, 0 deletions