summaryrefslogtreecommitdiff
path: root/scripts/contrib/python/generate-manifest-2.7.py
diff options
context:
space:
mode:
authoryanjun.zhu <yanjun.zhu@windriver.com>2012-12-11 18:00:32 +0800
committerScott Garman <scott.a.garman@intel.com>2012-12-27 15:42:39 -0800
commite6fddd1961061895e9335fa94b636163efdc9caa (patch)
tree72ff1acf6a4a83c8b4d7dd62bd806f5912ef41b3 /scripts/contrib/python/generate-manifest-2.7.py
parentbe34916d81b71385a560a6990c7b30eba243b356 (diff)
downloadopenembedded-core-e6fddd1961061895e9335fa94b636163efdc9caa.tar.gz
openembedded-core-e6fddd1961061895e9335fa94b636163efdc9caa.tar.bz2
openembedded-core-e6fddd1961061895e9335fa94b636163efdc9caa.zip
squashfs: fix CVE-2012-4025
CQID:WIND00366813 Reference: http://squashfs.git.sourceforge.net/git/gitweb.cgi? p=squashfs/squashfs;a=patch;h=8515b3d420f502c5c0236b86e2d6d7e3b23c190e Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4025 Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> [YOCTO #3564] Signed-off-by: Saul Wold <sgw@linux.intel.com>
Diffstat (limited to 'scripts/contrib/python/generate-manifest-2.7.py')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-13 12:17:10 +0000