summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/packagegroups
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2018-02-08 22:59:01 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-02-16 18:05:39 +0000
commit78311acbd37351d1f2562e1eb783bdd1668e4dd3 (patch)
tree2c2eddddd73fc33cc5e21b2eb6b8de8759395ba4 /meta/recipes-extended/packagegroups
parent2ae11f4a33794bacb5c32f2abb3fb82f953976f2 (diff)
downloadpoky-78311acbd37351d1f2562e1eb783bdd1668e4dd3.tar.gz
qemu: fix CVE-2017-15124
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host. Backport a series of patches from upstream to resolve this. (From OE-Core rev: a93d8ed1bc97595492abfca92d606e20dbdfa617) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/packagegroups')
0 files changed, 0 insertions, 0 deletions