python: Fix CVE-2014-7185 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Wenzong Fan <wenzong.fan@windriver.com>	2014-11-26 08:22:12 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-11-26 17:05:47 +0000
commit	b70ef7b95aae83e469e7d143026ad304d5214bfe (patch)
tree	3e349d79590390270edeafb6029114cb605dc4cb /documentation/kernel-dev/kernel-dev-customization.xsl
parent	bd00bc3d0d4e7de1d905e9160077f09b25ad2037 (diff)
download	poky-b70ef7b95aae83e469e7d143026ad304d5214bfe.tar.gz

python: Fix CVE-2014-7185

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. This back-ported patch fixes CVE-2014-7185 (From OE-Core rev: 49ceed974e39ab8ac4be410e5caa5e1ef7a646d9) (From OE-Core rev: 3dd696e03e66fa98b58a17b7f34ffe4002ddc9c6) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-devtools/python/python_2.7.3.bb hand merged bb file since I did not take previous patch. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'documentation/kernel-dev/kernel-dev-customization.xsl')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: