curl: Security Advisory - curl - CVE-2014-3620 - linux/poky.git

diff options

author	Chong Lu <Chong.Lu@windriver.com>	2014-11-04 09:35:18 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-11-21 16:49:37 +0000
commit	19750cac36cc2400adb13a5bd247f255d37adc10 (patch)
tree	9955e5d0bae457ccd5f99afad6f7d0a64d875718 /scripts/lib/wic/plugins/source/bootimg-partition.py
parent	5deb78802ae787e74d08f4cc326651575be2dc0b (diff)
download	poky-19750cac36cc2400adb13a5bd247f255d37adc10.tar.gz

curl: Security Advisory - curl - CVE-2014-3620

libcurl wrongly allows cookies to be set for Top Level Domains (TLDs), thus making them apply broader than cookies are allowed. This can allow arbitrary sites to set cookies that then would get sent to a different and unrelated site or domain. (From OE-Core rev: ddbaade8afbc9767583728bfdc220639203d6853) (From OE-Core rev: db194a3af25a37ff2d6f091ef021894967ca5910) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/wic/plugins/source/bootimg-partition.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: