|
From http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6329:
"The _compile function in Maketext.pm in the Locale::Maketext implementation in
Perl before 5.17.7 does not properly handle backslashes and fully qualified
method names during compilation of bracket notation, which allows
context-dependent attackers to execute arbitrary commands via crafted input to
an application."
Patches taken from upstream git.
(From OE-Core rev: b585a50b7bd735c3092af9477af263c13c853d32)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|