diff options
author | Yue Tao <Yue.Tao@windriver.com> | 2017-08-15 02:55:23 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-09-11 22:15:58 +0100 |
commit | cb4fd41504826905455a34d3cb85e952f4ed4991 (patch) | |
tree | 1c6703fee02c85c196c4127353a74d3fce282e05 /meta/recipes-gnome/gnome-desktop | |
parent | df8c138772f478c3f02a2985730d17d080673fcd (diff) | |
download | poky-cb4fd41504826905455a34d3cb85e952f4ed4991.tar.gz |
libtasn1: CVE-2017-10790
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes
a NULL pointer dereference and crash when reading crafted input that
triggers assignment of a NULL value within an asn1_node structure. It
may lead to a remote denial of service attack.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-10790
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;
h=d8d805e1f2e6799bb2dff4871a8598dc83088a39
(From OE-Core rev: 6176151625c971de031e14c97601ffd75a29772f)
(From OE-Core rev: 649f78102222ec156d490968c13d3222379a1956)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-gnome/gnome-desktop')
0 files changed, 0 insertions, 0 deletions