Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=pyro 2017-09-14T00:16:28+00:00 2017-09-14T00:16:28+00:00 Yi Zhao yi.zhao@windriver.com 2017-08-24T05:56:32+00:00 urn:sha1:44af8be65f2f1969df006eec08040f5ff81df790 CVE-2013-7459: Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py. Reference: https://nvd.nist.gov/vuln/detail/CVE-2013-7459 Patch from: https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> (cherry picked from commit e4af9cf961c70bb4a96eaafd995d0ff2c264cb8e) Signed-off-by: Armin Kuster <akuster808@gmail.com>