diff options
| author | Sona Sarmadi <sona.sarmadi@enea.com> | 2015-04-22 14:57:28 +0200 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-04-27 15:20:45 +0100 |
| commit | 97e9be81304ddebdee1045105264f09cac6b239a (patch) | |
| tree | 4883bdd77ed772b9153d80bb43cd726fe3c5adf1 /meta/recipes-devtools/python/python_2.7.3.bb | |
| parent | 523aaea8e2be33acd417ae8cbaa7de93bb9e3d63 (diff) | |
| download | poky-97e9be81304ddebdee1045105264f09cac6b239a.tar.gz | |
python: CVE-2014-7185
Integer overflow in bufferobject.c in Python before 2.7.8 allows
context-dependent attackers to obtain sensitive information from
process memory via a large size and offset in a "buffer" function.
PoC:
(From OE-Core rev: 2590eb53a6dac90cba52edd09ea56a6bdf4c4533)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/python/python_2.7.3.bb')
| -rw-r--r-- | meta/recipes-devtools/python/python_2.7.3.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python_2.7.3.bb b/meta/recipes-devtools/python/python_2.7.3.bb index 4d2594a942..ccae3fa261 100644 --- a/meta/recipes-devtools/python/python_2.7.3.bb +++ b/meta/recipes-devtools/python/python_2.7.3.bb | |||
| @@ -37,6 +37,7 @@ SRC_URI += "\ | |||
| 37 | file://python-fix-build-error-with-Readline-6.3.patch \ | 37 | file://python-fix-build-error-with-Readline-6.3.patch \ |
| 38 | file://python-2.7.3-CVE-2014-1912.patch \ | 38 | file://python-2.7.3-CVE-2014-1912.patch \ |
| 39 | file://python2.7.3-nossl3.patch \ | 39 | file://python2.7.3-nossl3.patch \ |
| 40 | file://python-2.7.3-CVE-2014-7185.patch \ | ||
| 40 | " | 41 | " |
| 41 | 42 | ||
| 42 | S = "${WORKDIR}/Python-${PV}" | 43 | S = "${WORKDIR}/Python-${PV}" |