| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes buffer() integer overflow leading to out of bounds read
This bug is only an issue if offset and size arguments are untrusted.
The buffer() was removed from Python 3 and hence Python 3 was not
affected by this issue.
Reference
http://openwall.com/lists/oss-security/2014/09/25/47
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is related to "SSLv3 POODLE vulnerability" CVE-2014-3566
Building python without SSLv3 support when openssl is built without
any support for SSLv3 (e.g. by adding EXTRA_OECONF = " -no-ssl3" in
the openssl recipes).
Backport from:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768611#22
[python2.7-nossl3.patch] only Modules/_ssl.c is backported.
References:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=7015
https://bugzilla.yoctoproject.org/show_bug.cgi?id=6843
http://bugs.python.org/issue22638
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix for _json module arbitrary process memory read vulnerability
http://bugs.python.org/issue21529
Python 2 and 3 are susceptible to arbitrary process memory reading
by a user or adversary due to a bug in the _json module caused by
insufficient bounds checking.
The sole prerequisites of this attack are that the attacker is able to control
or influence the two parameters of the default scanstring function: the string
to be decoded and the index. The bug is caused by allowing the user to supply
a negative index value. The index value is then used directly as an index to
an array in the C code; internally the address of the array and its index are
added to each other in order to yield the address of the value that is desired.
However, by supplying a negative index value and adding this to the address of
the array, the processor's register value wraps around and the calculated value
will point to a position in memory which isn't within the bounds of the
supplied string, causing the function to access other parts of the process
memory.
Signed-off-by: Benjamin Peterson <benjamin@python.org> Applied to
python-native recipe in order to fix the above mentioned vulnerability.
Upstream-Status: Backport
Signed-off-by: Daniel BORNAZ <daniel.bornaz@enea.com>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
|
Migrated from the internal git server on the daisy-enea branch
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
