curl: Security Advisory - curl - CVE-2014-3613 - linux/poky.git

diff options

author	Chong Lu <Chong.Lu@windriver.com>	2014-10-24 16:26:41 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-11-21 16:49:37 +0000
commit	5deb78802ae787e74d08f4cc326651575be2dc0b (patch)
tree	818df27339e718016a5c3327ca86718276056cde /scripts/lib/wic/plugins/source/bootimg-partition.py
parent	ffdef915868739130020edb6116e4ef512944838 (diff)
download	poky-5deb78802ae787e74d08f4cc326651575be2dc0b.tar.gz

curl: Security Advisory - curl - CVE-2014-3613

By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others. (From OE-Core rev: 985ef933208da1dd1f17645613ce08e6ad27e2c1) (From OE-Core rev: 7c4dfa64fd88066f2e0fbc917d8660f5b35e00c4) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/wic/plugins/source/bootimg-partition.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: