openembedded-core.git - Mirror of openembedded-core

diff options

author	yanjun.zhu <yanjun.zhu@windriver.com>	2014-05-20 09:27:47 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-10-10 15:05:52 +0100
commit	73aff6efb3374427234a3615ffca07874f22f3fa (patch)
tree	609f7f1acc7c9bfc60c57713541e4a729dc3d2ae /meta/lib/oe/manifest.py
parent	8b9164029153fa06520bd5b6349245c2ac1f605f (diff)
download	openembedded-core-73aff6efb3374427234a3615ffca07874f22f3fa.tar.gz openembedded-core-73aff6efb3374427234a3615ffca07874f22f3fa.tar.bz2 openembedded-core-73aff6efb3374427234a3615ffca07874f22f3fa.zip

perl: fix for CVE-2010-4777

The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777 (From OE-Core rev: 368df9f13ddf124e6aaaec06c02ab698c9e0b6c3) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/lib/oe/manifest.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: