summaryrefslogtreecommitdiff
path: root/LICENSE
diff options
context:
space:
mode:
authorChong Lu <Chong.Lu@windriver.com>2014-10-24 16:26:41 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-11-04 10:19:56 +0000
commit985ef933208da1dd1f17645613ce08e6ad27e2c1 (patch)
treea68d9c92d2acd04de75a92fba9a47528b3bed623 /LICENSE
parent3576399ed163cb3136ee1a2077622035d2033158 (diff)
downloadopenembedded-core-985ef933208da1dd1f17645613ce08e6ad27e2c1.tar.gz
openembedded-core-985ef933208da1dd1f17645613ce08e6ad27e2c1.tar.bz2
openembedded-core-985ef933208da1dd1f17645613ce08e6ad27e2c1.zip
curl: Security Advisory - curl - CVE-2014-3613
By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others. Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Diffstat (limited to 'LICENSE')
0 files changed, 0 insertions, 0 deletions