projects / scm / bb / tizen-distro.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8459662) | patch
python: Fix CVE-2014-1912
authorMaxin B. John <maxin.john@enea.com>
Mon, 7 Apr 2014 15:48:11 +0000 (17:48 +0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 9 Apr 2014 08:53:14 +0000 (09:53 +0100)
commitc28c8f80a796980e229a7d02efe3e85e0291b50d
tree7ede8bc64e8747ae528c4484275ccc6233394030tree | snapshot
parent84596624c45814b96aa56443b01e3081f24c84a1commit | diff
python: Fix CVE-2014-1912

A remote user can send specially crafted data to trigger a buffer overflow
in socket.recvfrom_into() and execute arbitrary code on the target system.
The code will run with the privileges of the target service.

This back-ported patch fixes CVE-2014-1912

(From OE-Core rev: 344049ccfa59ae489c35fe0fb7592f7d34720b51)

Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch [new file with mode: 0644] blob
meta/recipes-devtools/python/python_2.7.3.bb diff | blob | history
Domain: SCM / BB;