diff options
author | Tudor Florea <tudor.florea@enea.com> | 2015-07-07 10:50:56 +0200 |
---|---|---|
committer | Tudor Florea <tudor.florea@enea.com> | 2015-07-07 22:58:50 +0200 |
commit | 5671167d2495d3a6b1e662707ff6123315f478cc (patch) | |
tree | 2aef7abc18883de003f4b1a35d4e5b814f81920f /meta/recipes-devtools/python/python_2.7.3.bb | |
parent | 34e5a4f013f8bd0158a984bf5ed5b10ca4c1a263 (diff) | |
download | poky-5671167d2495d3a6b1e662707ff6123315f478cc.tar.gz |
python: Backport CVE-2013-1752 fix from upstream
This back ported patch fixes CVE-2013-1752 for
ftplib,imaplib,nntplib and poplib
References:
http://bugs.python.org/issue16038
http://bugs.python.org/issue16039
http://bugs.python.org/issue16040
http://bugs.python.org/issue16041
https://access.redhat.com/security/cve/CVE-2013-1752
The ftplib,imaplib,nntplib and poplib modules doesn't limit the amount
of read data in its call to readline().
The modules should be modified to use limited readline() with _MAXLINE.
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Diffstat (limited to 'meta/recipes-devtools/python/python_2.7.3.bb')
-rw-r--r-- | meta/recipes-devtools/python/python_2.7.3.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python_2.7.3.bb b/meta/recipes-devtools/python/python_2.7.3.bb index bde7a70cf7..8c3b08ebb9 100644 --- a/meta/recipes-devtools/python/python_2.7.3.bb +++ b/meta/recipes-devtools/python/python_2.7.3.bb | |||
@@ -40,6 +40,10 @@ SRC_URI += "\ | |||
40 | file://python2.7.3-nossl3.patch \ | 40 | file://python2.7.3-nossl3.patch \ |
41 | file://python-2.7.3-CVE-2014-7185.patch \ | 41 | file://python-2.7.3-CVE-2014-7185.patch \ |
42 | file://python-2.7.3-CVE-2013-1752-httplib-fix.patch \ | 42 | file://python-2.7.3-CVE-2013-1752-httplib-fix.patch \ |
43 | file://python-2.7.3-CVE-2013-1752-ftplib-fix.patch \ | ||
44 | file://python-2.7.3-CVE-2013-1752-imaplib-fix.patch \ | ||
45 | file://python-2.7.3-CVE-2013-1752-nntplib-fix.patch \ | ||
46 | file://python-2.7.3-CVE-2013-1752-poplib-fix.patch \ | ||
43 | " | 47 | " |
44 | 48 | ||
45 | S = "${WORKDIR}/Python-${PV}" | 49 | S = "${WORKDIR}/Python-${PV}" |