From 2b10e943c879c0a510d4c2dcda127eef76974854 Mon Sep 17 00:00:00 2001
From: Sona Sarmadi <sona.sarmadi@enea.com>
Date: Tue, 21 Apr 2015 13:29:30 +0200
Subject: python: CVE-2014-7185

Fixes buffer() integer overflow leading to out of bounds read

This bug is only an issue if offset and size arguments are untrusted.
The buffer() was removed from Python 3 and hence Python 3 was not
affected by this issue.

Reference
http://openwall.com/lists/oss-security/2014/09/25/47

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
 meta/recipes-devtools/python/python_2.7.3.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-devtools/python/python_2.7.3.bb')

diff --git a/meta/recipes-devtools/python/python_2.7.3.bb b/meta/recipes-devtools/python/python_2.7.3.bb
index 28ea2347e3..0d9ca456fe 100644
--- a/meta/recipes-devtools/python/python_2.7.3.bb
+++ b/meta/recipes-devtools/python/python_2.7.3.bb
@@ -38,6 +38,7 @@ SRC_URI += "\
   file://python-2.7.3-CVE-2014-1912.patch \
   file://json-flaw-CVE-2014-4616.patch \
   file://python2.7.3-nossl3.patch \
+  file://python-2.7.3-CVE-2014-7185.patch \
 "
 
 S = "${WORKDIR}/Python-${PV}"
-- 
cgit v1.2.3-54-g00ecf