python: Fix CVE-2014-1912 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Maxin B. John <maxin.john@enea.com>	2014-04-07 17:48:11 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-04-09 09:53:14 +0100
commit	e34ad1e27b7db3237ae0435864cced32133d7025 (patch)
tree	ebd140fed44797b530c929caee7060ccece2106a /meta/recipes-core/busybox/busybox.inc
parent	398a971f92bfe67ab3dad6420a4adf29ace66a55 (diff)
download	poky-e34ad1e27b7db3237ae0435864cced32133d7025.tar.gz

python: Fix CVE-2014-1912

A remote user can send specially crafted data to trigger a buffer overflow in socket.recvfrom_into() and execute arbitrary code on the target system. The code will run with the privileges of the target service. This back-ported patch fixes CVE-2014-1912 (From OE-Core rev: 344049ccfa59ae489c35fe0fb7592f7d34720b51) Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-core/busybox/busybox.inc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: