diff options
author | yanjun.zhu <yanjun.zhu@windriver.com> | 2012-11-30 19:08:56 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2012-12-07 15:58:18 +0000 |
commit | b8f6d9cbfde193e6c2dbe11aec57f6ef9d7986f4 (patch) | |
tree | e13477a2e618a4881e0a8dab72761ffaf205bf21 /meta/recipes-support/libproxy/libproxy_0.4.7.bb | |
parent | 2288ff099c33574bc1615b4aa3422ea8a4ee73da (diff) | |
download | poky-b8f6d9cbfde193e6c2dbe11aec57f6ef9d7986f4.tar.gz |
libproxy: Fix for CVE-2012-4504
Reference:https://code.google.com/p/libproxy/source/detail?r=853
Stack-based buffer overflow in the url::get_pac function in url.cpp
in libproxy 0.4.x before 0.4.9 allows remote servers to have an
unspecified impact via a large proxy.pac file.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504
[YOCTO #3487]
Fixes denzil [YOCTO #3511]
(From OE-Core rev: 543d608ae6251956b84e6423ec66f146f926d4b8)
Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/libproxy/libproxy_0.4.7.bb')
-rw-r--r-- | meta/recipes-support/libproxy/libproxy_0.4.7.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-support/libproxy/libproxy_0.4.7.bb b/meta/recipes-support/libproxy/libproxy_0.4.7.bb index e3721a8f5b..fc32f5785d 100644 --- a/meta/recipes-support/libproxy/libproxy_0.4.7.bb +++ b/meta/recipes-support/libproxy/libproxy_0.4.7.bb | |||
@@ -13,6 +13,7 @@ PR = "r4" | |||
13 | SRC_URI = "http://libproxy.googlecode.com/files/libproxy-${PV}.tar.gz \ | 13 | SRC_URI = "http://libproxy.googlecode.com/files/libproxy-${PV}.tar.gz \ |
14 | file://g++-namepace.patch \ | 14 | file://g++-namepace.patch \ |
15 | file://libproxy_fix_for_gcc4.7.patch \ | 15 | file://libproxy_fix_for_gcc4.7.patch \ |
16 | file://libproxy-0.4.7-CVE-2012-4504.patch \ | ||
16 | " | 17 | " |
17 | 18 | ||
18 | SRC_URI[md5sum] = "509e03a488a61cd62bfbaf3ab6a2a7a5" | 19 | SRC_URI[md5sum] = "509e03a488a61cd62bfbaf3ab6a2a7a5" |