pulseaudio: fix CVE-2014-3970 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Shan Hai <shan.hai@windriver.com>	2014-07-28 01:18:50 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-07-29 09:58:26 +0100
commit	0685207d43b1bb7ad8be21e14c0f543070c9efcf (patch)
tree	c66eee58ae44cc42b33ed363440bebdd60425db4 /meta/recipes-support/nss
parent	c6a57f7f4c8502d8d401db4d872738f680cfc637 (diff)
download	poky-0685207d43b1bb7ad8be21e14c0f543070c9efcf.tar.gz

pulseaudio: fix CVE-2014-3970

The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet. Fix it by picking a patch from pulseaudio upstream code. (From OE-Core rev: f9d7407e54f1fa3d3a316a5bbb8b80665e6f03fd) Signed-off-by: Shan Hai <shan.hai@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-support/nss')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: